Digital Signature is the authentication of an electronic record using an asymmetric cryptographic system and a hash function, ensuring both the identity of the signatory and the integrity of the signed document. Under Indian law, digital signatures are defined and regulated by Sections 2(1)(p), 3, and 5 of the Information Technology Act, 2000, which grant digital signatures the same legal effect as handwritten signatures, and establish a framework of licensed Certifying Authorities (CAs) to issue Digital Signature Certificates (DSCs).
Legal definition
Section 2(1)(p) of the Information Technology Act, 2000 defines:
"Digital signature" means authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with the provisions of section 3.
Section 3 provides the technical framework:
Section 3 — Authentication of electronic records: Subject to the provisions of this section, any subscriber may authenticate an electronic record by affixing his digital signature. The authentication of the electronic record shall be effected by the use of asymmetric crypto system and hash function which envelop and transform the initial electronic record into another electronic record.
Section 5 provides legal recognition:
Section 5 — Legal recognition of digital signatures: Where any law provides that information or any other matter shall be authenticated by affixing the signature or any document shall be signed or bear the signature of any person, then, notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied, if such information or matter is authenticated by means of digital signature.
The 2008 amendment to the IT Act introduced Section 3A, recognising electronic signatures as a broader category. While digital signatures use asymmetric cryptography (PKI-based), electronic signatures include any electronic authentication technique (such as Aadhaar eSign) approved by the Central Government. Both have legal validity, but digital signatures remain the gold standard for high-security applications.
How courts have interpreted this term
State of Punjab v. Amritsar Beverages Ltd. [(2006) 7 SCC 607]
The Supreme Court recognised the legal validity of digitally signed documents and held that electronic records authenticated by digital signatures carry the same evidentiary value as physically signed documents. The Court observed that the IT Act framework, including the Certifying Authority mechanism, provides adequate safeguards against forgery and impersonation.
TCS E-Serve Ltd. v. Ashish Abhishek [(2019)]
The Delhi High Court held that a digitally signed document enjoys a presumption of authenticity under Section 85B of the Indian Evidence Act (now Section 83 BSA). The burden shifts to the party challenging the digital signature to prove that it was not affixed by the subscriber or that the certificate was invalid at the time of signing. This presumption significantly strengthens the evidentiary position of digitally signed documents.
CIT v. Sunil Gupta [(2020)]
The Delhi High Court upheld the validity of income tax notices issued with digital signatures, holding that the IT Act framework for digital signatures satisfies the authentication requirements of the Income Tax Act. The Court rejected the contention that only physical signatures could authenticate statutory notices.
Why this matters
Digital signatures are the backbone of India's digital governance and e-commerce infrastructure. From filing income tax returns and company registration documents on MCA to executing e-contracts and authenticating court filings, digital signatures enable legally binding transactions in the electronic realm.
For businesses and professionals, Digital Signature Certificates (DSCs) issued by licensed Certifying Authorities are required for a wide range of regulatory compliances — including MCA filings (Companies Act), GST filings, e-tendering for government contracts, patent and trademark applications, and electronic filing in various courts and tribunals. The Controller of Certifying Authorities (CCA) oversees the licensing of CAs, of which there are currently eight in India.
The distinction between digital signatures (Section 3) and electronic signatures (Section 3A) is practically important. Digital signatures use PKI-based asymmetric cryptography and require a DSC issued by a licensed CA. Electronic signatures encompass a broader range of authentication methods, including Aadhaar eSign, which uses biometric authentication rather than PKI. While both are legally valid, certain regulatory requirements — particularly in corporate and tax filings — mandate digital signatures specifically, not electronic signatures.
For practitioners, the presumption of authenticity under the Evidence Act (Section 85B/83 BSA) means that digitally signed documents enjoy a stronger evidentiary position than unsigned electronic records. The opposing party must affirmatively prove that the digital signature is invalid, which requires technical evidence regarding the integrity of the certificate or the compromise of the subscriber's private key.
Related terms
Parent framework:
Sibling concepts:
Related enforcement:
Frequently asked questions
What is the difference between a digital signature and an electronic signature?
A digital signature (Section 3 IT Act) uses asymmetric cryptographic technology (public-private key pairs) and requires a Digital Signature Certificate from a licensed Certifying Authority. An electronic signature (Section 3A IT Act, added in 2008) is a broader category that includes any electronic authentication technique approved by the Central Government, such as Aadhaar eSign. Both are legally valid, but digital signatures offer stronger technical security guarantees.
Who issues Digital Signature Certificates in India?
Digital Signature Certificates are issued by Certifying Authorities (CAs) licensed by the Controller of Certifying Authorities (CCA) under the IT Act. There are currently eight licensed CAs in India. The CCA, functioning under the Ministry of Electronics and IT, oversees the CA licensing process and ensures compliance with the standards prescribed under the IT Act and its rules.
Is a digital signature legally equivalent to a physical signature?
Yes. Section 5 of the IT Act provides that where any law requires authentication by signature, a digital signature satisfies that requirement. This has been upheld by courts across contexts, including tax notices, corporate filings, and contractual documents. Digitally signed documents also enjoy an evidentiary presumption of authenticity under the Evidence Act.
Can a digital signature be forged?
While the asymmetric cryptographic technology underlying digital signatures is extremely robust, the security of a digital signature depends on the protection of the subscriber's private key. If the private key is compromised (through theft, hacking, or carelessness), a fraudulent digital signature can be created. The subscriber is responsible for protecting their private key, and failure to do so may attract liability under Section 42 of the IT Act.
This entry is part of the Veritect Indian Legal Glossary, a comprehensive reference of Indian legal terminology grounded in statutory text and judicial interpretation.
Last updated: 2026-03-27. Veritect provides this content for informational purposes and does not constitute legal advice.