In this post, we will be giving you a concise recap of the legal framework behind India’s most common electronic signing technique - the Aadhaar eSign.
If you’re unfamiliar with Aadhaar eSign - we would recommend you start with Aadhaar eSign post first
Aadhaar eSign’s validity stems from a notification passed by the Central Government on January 28, 2015 (Gazette Notification No. 2015 Jan -GSR 61(E) entitled “Electronic Signature or Electronic Authentication Technique and Procedure Rules, 2015). Through this notification, Aadhaar eSign was inserted into Schedule II of the Information Technology Act as a valid electronic signature.
The Central Government could do this because of the powers it had to notify new electronic signatures under Section 3A of the Information Technology Act, 2000 (Electronic Signatures)
Aadhaar eSign operates as an interaction between 3 processes:
Under Schedule II - the technical and regulatory framework of these processes are delegated to the Controller of Certifying Authorities (“CCA”) - the apex regulator of electronic signatures in India.
The CCA has codified the regulatory framework under which Aadhaar eSigns happen in the e-Authentication Guidelines dated May 3rd, 2019.
The framework that makes Aadhaar eSign possible involves multiple parties:
We’ve written about how Aadhaar eSign works from a signer perspective
But here, let’s look at how this transaction works in the back-end:
1) Signers view the document and give consent to Aadhaar eSign. The document viewing and consent interface is provided by an Application Service Provider
2) Once they click on the signing link, Signers are redirected to an eSign portal maintained the ESP.
3) On the eSign portal, signers enter their Aadhaar number and perform an authentication – either via OTP, Biometric or Iris. The authentication is conducted by UIDAI and result is relayed to the ESP
4) If the authentication is successful, the ESP “orders” an electronic signature from the Certifying Authority. The Certifying Authority, upon receipt of the order, transmits an electronic signature certificate back to the ESP. This is a super-fast process that takes milliseconds.
5) The ESP passes the electronic signature certificate to the ASP - which ensures affixture on the document. The ASP also ensures that all parties received the signed document - along with an audit trail.
NSDL - one of the only 2 ESPs for Online Aadhaar eSign in India - has a great visualisation of this flow:
Aadhaar eSign can be used to eSign ALL types of documents.
There are only 5 exceptions to this rule - the documents mentioned in Schedule I of the IT Act:
You can enforce Aadhaar eSigned documents in Court in the same way you produce and enforce other pieces of evidence in Court!
Since Aadhaar eSigned documents are electronic evidence, you will need to comply with the requirements of Section 65B in order to produce such a document in Court.
We’ve written an eBook detailing how businesses can use Section 65B to produce electronic agreements in Court.
Alternatively you can also access our Section 65B FAQs.
The Evidence Act contains provisions which make it easier to produce electronically signed documents (like Aadhaar eSigned documents) in Court:
Audit trails are not necessary per se. However they make it significantly easier to produce and enforce electronically signed documents in Court.
If you still have questions regarding Aadhaar eSign, you can check our Aadhaar eSign FAQ page and clear your doubts. Alternatively, you can also check out Digital Stamping FAQ, Virtual Sign FAQ and Section 65B FAQ to get more insights.