Blog Banner SVG

Don't Let Paperwork Slow You Down

Register Your Business Online in Just 7 days

Blog Banner
HomeBlogDifferent Types of Digital Signature Certificates & Uses
DSC

Different Types of Digital Signature Certificates & Uses

Joel Dsouza
Published On:
Updated On:
15 min read

India’s digital economy runs on trust and security. Every day, individuals and businesses carry out high-value online transactions that demand verified identities and legally valid documentation. A Digital Signature Certificate (DSC) serves this purpose; it’s a secure electronic key issued by a licensed Certifying Authority (CA) to confirm identity and protect data. The types of digital signature certificates in India are classified by both their function and class, helping users choose the right one for their specific needs.

Each DSC includes key details such as:

  • The holder’s name
  • The holder’s public key
  • The expiry date of the certificate
  • The name of the Certifying Authority that issued it
  • The digital signature of the CA

India’s dependence on DSCs is immense. For instance, government platforms like the GeM and e-tendering portals processed transactions worth over ₹4.5 lakh crore last year, and a DSC is mandatory for anyone who participates.

Understanding the different types of digital signature certificates is now essential for every business owner, professional, or individual who interacts with government systems. This blog explains the classifications, uses, and legal standards that make DSCs the backbone of India’s secure digital transactions.         

Types of Digital Signature Certificates by Class

Historically, DSCs in India were divided into three classes. However, since January 1, 2021, the Controller of Certifying Authorities (CCA) has streamlined the system, and now only Class 3 DSCs are issued.

Class 1 Digital Signature Certificate

This was the most basic type of DSC. It provided a low level of assurance.

  • Verification: It only verified that the applicant’s email address and name were associated.
  • Status: Class 1 DSCs are now discontinued. The CCA has phased them out, and they are no longer accepted for any official or legal use.

Class 2 Digital Signature Certificate

This was the most common DSC for many years. It provided a moderate level of security.

  • Verification: This DSC verified the person’s identity against a pre-verified, trusted database.
  • Use Cases (Historical): It was widely used for

As per CCA guidelines, CAs stopped issuing new Class 2 DSCs on January 1, 2021. Existing Class 2 certificates were valid until they expired, but they cannot be renewed.

Class 3 Digital Signature Certificate

This is now the highest and only class of DSC available for individuals and organizations. It offers the strongest level of identity verification and security.

  • Verification: The verification process for a Class 3 DSC is very strict. An applicant must complete:
    • Aadhaar-based eKYC: Using their Aadhaar number for instant identity proof.
    • Video Verification: A live video recording where the applicant states their name with other details and shows their original PAN card.
    • Document Verification: Submission of identity and address proofs.
  • Security: Class 3 DSCs must be securely stored on a FIPS 140-2 Level 2 certified hardware token. This USB device, which looks like a pen drive, prevents copying and protects the DSC from computer viruses.
  • Common Uses: Class 3 DSCs are mandatory for all high-security transactions. This includes:
    • E-tendering and e-procurement on all government portals.
    • E-auctions.
    • All MCA and ROC filings (which previously used Class 2).
    • GST and Income Tax filings.
    • Intellectual Property (IP) filings.
    • Signing legally binding contracts and agreements.
  • Recognized Certifying Authorities (CAs): The Controller of Certifying Authorities (CCA) recognizes several trusted CAs that issue Class 3 DSCs in India, including
    • eMudhra
    • Sify
    • Capricorn
    • NSDL
    • XtraTrust

This unified, high-security Class 3 DSC standard has strengthened India’s digital ecosystem, ensuring safer and more reliable electronic transactions across all sectors.

Types of Digital Signature Certificates by Function and Usage

Beyond the “Class” (which is now only Class 3), the different types of DSC are also categorized by their function. When a person applies for a Class 3 DSC, they must choose what type of certificate they need.

1. Signing DSC (“Sign”)

This is the most common functional type. Its sole purpose is to “sign” a document, which authenticates the signer’s identity and locks the document from changes.

  • Common Use Cases:
    • Filing Income Tax Returns.
    • Submitting GST returns.
    • Filing documents on the Ministry of Corporate Affairs (MCA) portal (mca.gov.in).
    • Digitally signing invoices, purchase orders, and contracts.

2. Encryption DSC (“Encrypt”)

This certificate is not used for signing but instead encrypts data to ensure confidentiality. When a person sends a document encrypted with this DSC, only the intended recipient (who has the corresponding key) can open and read it.

  • Common Use Cases:
    • Sending highly sensitive or confidential documents via email.
    • Securing data in transit.
    • Some specific government portals require an “Encrypt” certificate for uploading sensitive commercial or financial information.

3. Combo DSC (“Sign & Encrypt”)

This type provides both functionalities in one. The holder receives two certificates (one for signing, one for encryption) under their name.

  • Common Use Cases:
    • This is the standard requirement for most e-tendering and e-procurement portals in India.
    • Bidders use the ‘Sign’ certificate to sign their bid documents, proving authenticity.
    • They use the ‘Encrypt’ certificate to encrypt their financial bid, ensuring no one can see the price until the official bid opening.

Why Digital Signature Certificates Matter? Key Benefits

In India, DSCs are legally valid under the Information Technology Act, 2000. This law gives digital signatures the same legal recognition as physical, handwritten signatures on paper documents.

When a person signs a document digitally using a DSC, it creates a unique digital mark. This signature provides three essential things:

  1. Authentication: It confirms that the person who signed the document is who they claim to be.
  2. Integrity: It ensures that the document was not altered or tampered with after it was signed.
  3. Non-repudiation: It provides legal proof that the holder did indeed sign the document. The signer cannot later deny having signed it.

This makes them essential for tax filings, corporate compliance, and e-tendering. 

Under the Information Technology Act, 2000, digital signatures hold the same legal status as handwritten signatures.

A DSC ensures:

  • Authentication: Confirms the signer’s identity
  • Integrity: Prevents post-signing document alterations
  • Non-repudiation: Ensures the signer cannot deny having signed

This legal recognition makes DSCs indispensable for tax filings, compliance, and secure digital communications.

Role of the Controller of Certifying Authorities (CCA)

The primary governing body is the Controller of Certifying Authorities (CCA). The CCA operates under the Ministry of Electronics and Information Technology (MeitY). The CCA has several key responsibilities:

  • It licenses and regulates the Certifying Authorities (CAs).
  • It sets the standards for verification, security, and issuance of all DSCs.
  • It maintains the National Repository of Digital Certificates (NRDC), a database of all issued certificates.

Validity and Renewal Norms

A Digital Signature Certificate is not valid forever, but for one to three years only. It is the holder’s responsibility to renew the certificate before it expires. It is advised that the renewal process can be started up to 30 days before the expiry date

If a DSC expires, it can no longer be used for signing. The holder must then apply for a new certificate, which involves completing the full verification process again.

Why the Classification of DSCs Matters?

The CCA classifies DSCs based on the level of verification and security. The different types of digital signature certificates exist to match different levels of risk.

  • A simple email signature requires a low level of trust.
  • Filing a company’s annual return requires a higher level of trust.
  • Submitting a multi-crore government e-tender requires the highest possible level of trust.

High-security certificates protect high-risk transactions under the classification system. This protects all parties involved, from the individual to the government agency.

Specialized and Domain-Specific Digital Signature Certificates

Some portals require special types of DSC that are tailored for their specific domain. These are still Class 3 certificates, but they contain additional information.

Some Indian government portals specifically require DSCs mapped to their online systems. These domain-linked DSCs ensure identity verification and seamless digital filing on respective portals.

1. DGFT / IEC Digital Signature Certificate

This DSC is specifically for use on the Directorate General of Foreign Trade (DGFT) portal (dgft.gov.in).

Why Specialized: When importers or exporters apply for the DSC, the issuing authority embeds their IEC into the certificate. This makes it mandatory to submit online license applications, customs documents, and other trade-related filings.

2. ICEGATE (Customs) Digital Signature Certificate

This DSC is used for the Indian Customs Electronic Gateway (ICEGATE). It is the digital portal of the Central Board of Indirect Taxes and Customs (CBIC) for filing customs-related documents online.

Why Specialized: It allows customs house agents, importers, and exporters to file bills of entry, shipping bills, and other customs documents securely. It requires a Class 3 ‘Sign’ DSC to authenticate the organization’s filings.

3. Automated / Bulk Signing (Document Signer Certificates)

Verified organizations, not individuals, receive Document Signer Certificates under Rule 12 of the CCA guidelines. Banks, ERP platforms, and large institutions that manage extensive digital documentation and require automated signing use them most effectively.

Typically installed on a server or Hardware Security Module (HSM), these certificates enable systems to sign thousands of documents automatically, including:

  • Bank statements
  • Telecom bills
  • TDS certificates (Form 16)
  • Invoices
  • Academic transcripts

This saves immense manual effort and ensures every document is legally valid and secure.

How to Choose the Right Digital Signature Certificate?

Selecting the correct type of digital signature certificate is a crucial decision. Choosing the wrong one can lead to rejection on government portals and business delays. An applicant must consider several factors.

Factors to Consider While Choosing DSC

  • Use Case: The purpose of the DSC determines its type.
    • A Class 3 ‘Sign’ DSC is required for filing Income Tax Returns (ITR) or MCA forms.
    • For e-tendering or e-procurement, a Class 3 ‘Combo’ (Sign & Encrypt) DSC is usually mandatory.
    • For import-export activities, a DGFT DSC is specifically needed.
  • Level of Assurance: Since 2021, India has adopted a single standard, the Class 3 DSC, which ensures maximum security and uniformity across all e-governance portals.
  • Storage Requirements: You must store every new DSC in a secure hardware USB token. Applicants must obtain one if they do not already have a valid token.
  • Validity Period: DSCs are generally valid for 1, 2, or 3 years. Choosing a longer validity period is more cost-effective and helps avoid frequent renewals.

Applicants should review the specific requirements of the government portal or platform they plan to use. Most official portals clearly specify the exact type of DSC required in their FAQs or user manuals.

How to Apply for a DSC?

Obtaining a Digital Signature Certificate (DSC) from a trusted provider like RegisterKaro is a streamlined, paperless, and fully CCA-compliant process. Applicants can apply for a DSC through multiple verification methods, including Aadhaar-based eKYC, video verification, or through a registered Certifying Authority, as recognized under the IT Act, 2000.    

Step-by-Step Application Process

  1. Select the DSC: The applicant visits the RegisterKaro website and chooses the correct type of DSC. They select Class 3, the function (Sign, Encrypt, or Combo), and the validity period (1, 2, or 3 years).
  2. Complete the Form: The applicant fills out the online application form with their accurate personal and organizational details.
  3. Make Payment: The applicant securely completes the payment for the certificate and the USB token (if needed).

For personalized assistance with the DSC application or renewal, you can contact RegisterKaro. Our experts ensure a quick, compliant, and hassle-free process for both individuals and organizations.

Documents Required

The applicant must have the following documents ready for the verification process:

The Verification Process

The following is the most critical step mandated by law:

  1. eKYC: The applicant can complete their eKYC using their Aadhaar number, which verifies their identity and address instantly. However, Aadhaar-based eKYC is optional; applicants can also verify their identity through physical document verification or video verification as per their convenience.
  2. Video Verification: The applicant must record a short, live video. In this video, they state their name, the purpose of the application, and show their original PAN card and address proof to the camera.

Receiving and Renewing the Digital Signature Certificate

dsc token

After successful verification, the certifying authority securely issues the DSC, downloads and installs the certificate onto a secure USB token, and then safely dispatches the token to the applicant’s address.

Benefits of Different DSC Types

Using the correct types of DSC and uses offers significant benefits for both individuals and businesses.

  • Security: A Class 3 DSC, stored on a hardware token, provides the highest level of security. It makes forgery impossible and protects the holder’s identity. The ‘Encrypt’ type adds another layer of confidentiality.
  • Cost and Efficiency: DSCs eliminate the costs of paper, printing, ink, and courier services. They also save enormous amounts of time. You can sign and send a contract across the world in minutes, not days.
  • Legal Compliance: Using a DSC is a legal requirement for most business filings in India. Having the correct type of DSC in India ensures a business remains compliant with the IT Act, 2000, and rules from bodies like the MCA and CBIC.
  • Business Trust: Using a DSC builds credibility. When a government agency or a business partner receives a digitally signed document, they have complete trust in its origin and integrity. This is vital in high-stakes environments like e-tendering.
  • Faster Compliance and 100% Reliability: DSCs drastically reduce turnaround time for online filings and submissions. They ensure 100% compliance reliability across key regulatory systems such as MCA, GST, DGFT, and CBIC, enabling businesses to maintain uninterrupted and efficient operations.

Real-World Use Cases and Examples of DSC

Understanding the types of DSC and their uses is easiest with practical examples.

  • E-Tendering: A construction company wants to bid for a new highway project. The government portal requires a Class 3 Combo DSC. The company’s director uses the ‘Sign’ function to authenticate the bid documents. The director then secures the financial quote using the ‘Encrypt’ function, ensuring it remains confidential until the tender opens.
  • MCA Filings: A Company Secretary (CS) must file the company’s annual returns. The CS uses a Class 3 ‘Sign’ DSC to log in to the MCA portal and to sign the electronic forms, certifying their accuracy.
  • Import-Export: An export house needs to apply for an export license from the DGFT. The company’s authorized person uses their specialized DGFT DSC, linked to their IEC code, to sign and submit the application on the DGFT website.
  • Corporate Document Signing: A large bank needs to send 500,000 Form 16 (TDS) certificates to its employees. It uses a Document Signer Certificate installed on its server to automatically and digitally sign every single Form 16, making them all legally valid.

Conclusion

Understanding the different types of DSC is essential for navigating India’s digital landscape. The government’s move to standardize on the high-security Class 3 DSC has made online transactions safer for everyone.

The old Class 1 and Class 2 certificates are now history. The modern choice is based on function: ‘Sign’ for authentication, ‘Encrypt’ for confidentiality, or ‘Combo’ for both. Specialized certificates like the DGFT DSC serve specific industry needs.

Choosing the right certificate is the first step toward secure and compliant digital operations. For businesses and individuals looking to secure their digital identity, applying for a DSC is a necessary step.

Apply today through RegisterKaro to protect your digital identity and achieve 100% compliance with ease.

Frequently Asked Questions (FAQs)

1. How long does it take to get a Digital Signature Certificate? 

The Digital Signature Certificate (DSC) application process is very fast. Once the applicant submits the online form and completes video verification, the DSC is typically approved and issued within 10 to 30 minutes. The final delivery time depends on the dispatch of the physical USB token.   

2. Can an individual have more than one DSC? 

Yes, a person can have multiple DSCs. For example, a director in two different companies may have two separate organization-specific DSCs. A professional, like a Chartered Accountant, might have their own personal DSC and also use DSCs on behalf of their client firms (with proper authorization).

3. Is the Class 2 DSC still valid for use? 

No new Class 2 DSCs can be issued. The issuance stopped on January 1, 2021. If a person has an old Class 2 DSC, it is only valid until its expiry date. It cannot be renewed. For all new requirements and renewals, a person must apply for a Class 3 DSC.

4. What happens if a DSC expires? 

An expired DSC is completely unusable. The holder cannot sign any documents or log in to any portals with it. They must apply for a new DSC and complete the full verification process (including video KYC) again. It is best to renew a DSC before it expires.

5. Can a foreign national or a foreign company get a DSC? 

Yes, foreign nationals and foreign-incorporated companies can obtain a DSC in India. The documentation requirements are different. They typically need to provide an apostilled or consularized copy of their passport, address proof, and company registration documents. The verification process is also more detailed.

6. What is the difference between a DSC and a digital signature? 

A Digital Signature Certificate (DSC) is the secure digital file (the “key”) issued by a CA that proves a person’s identity. A “digital signature” is the electronic mark that is created when a person uses their DSC to sign a document. The DSC is the tool; the digital signature is the result.

7. What is a USB token, and is it mandatory? 

A USB token is a small, password-protected hardware device that looks like a USB drive. It securely stores the DSC’s private key. As per CCA guidelines, it is absolutely mandatory for all Class 3 DSCs. This prevents the DSC from being copied or stolen, providing a high level of security.

8. What is the main use of a Class 3 “Combo” DSC? 

A Class 3 “Combo” (Sign & Encrypt) DSC is primarily used for e-tendering and e-procurement. Government tender portals require bidders to sign their technical bids (using the ‘Sign’ part) and encrypt their financial bids (using the ‘Encrypt’ part) to maintain confidentiality.

9. Can a DSC be stored on a computer? 

No, you cannot store a DSC on a computer. For security reasons, the CCA of India mandates that all new Class 3 DSCs (the only type now issued) must be stored and used only from a FIPS 140-2 Level 2 certified hardware token (USB token). The CCA no longer permits storing a DSC on a computer’s hard drive.

10. What are the different types of DSC in India now? 

After phasing out Class 1 and Class 2, all new DSCs issued in India are Class 3. The main types of DSC are now based on function:

  • Class 3 – Sign: For signing and authenticating.
  • Class 3 – Encrypt: For encrypting data.

Class 3 – Combo: Includes both Sign and Encrypt functions. There are also specialized DSCs like DGFT DSC.

Joel Dsouza
Joel Dsouza

Joel Dsouza is a Chartered Accountant and compliance expert who has advised over 1,000 startups and SMEs on company registration, tax structuring, and MCA compliance. A member of ICAI and Co-Founder at RegisterKaro, Joel is committed to promoting financial literacy and simplifying India’s startup ecosystem. His deep expertise across all three levels of Finance and Portfolio Management makes him a trusted voice for entrepreneurs seeking clear, actionable guidance.

Related Posts

Related Business Services

Explore other business registration and compliance services offered by RegisterKaro:

Register Private Limited Company Icon
Register Private Limited Company

Get your business a separate legal identity, limited liability protection, and easier access to funding.

LLP Registration Icon
LLP Registration

Register a Limited Liability Partnership with flexible structure and lower compliance requirements.

One Person Company Registration Icon
One Person Company Registration

Start your business journey as a single founder with limited liability protection.

Start Up India Registration Icon
Start Up India Registration

Empowers entrepreneurs with government recognition, tax benefits, funding support, and simplified compliance.

Virtual Office Icon
Virtual Office

Give your business a premium address and professional presence without the cost of a physical space.

Private Limited Company Compliance Icon
Private Limited Company Compliance

Ensure legal, financial, and regulatory obligations and maintain the company’s good standing legally.

GST Registration Icon
GST Registration

Register for Goods and Services Tax to legally collect tax from your customers.

MSME Registration Icon
MSME Registration

Register as a Micro, Small, or Medium Enterprise to avail government benefits.

FSSAI Registration Icon
FSSAI Registration

Obtain your FSSAI license to legally sell and serve safe food in India.

whatsapp-icon