1. What is a Digital Signature?

Currently, many applications or forms submitted by a citizen require physical signature of the citizen. A digital signature takes the concept of traditional paper-based signing and turns it into an electronic "fingerprint." This "fingerprint," or coded message, is unique to both the document and the signer and binds them together. In short, a digital signature has the same function as that of a handwritten signature. Some of the salient features of digital signature are non-repudiation, integrity and authenticity. The Information Technology Act 2000 provides the required legal sanctity to digital signatures based on asymmetric crypto systems.

2. Who can avail e-Sign service to sign the documents?

Any Indian citizen having Aadhaar with Registered mobile number.

3. Who provides Digital Signature Certificate to ASPs?

Any Certifying Authority (CA), who is licensed by a Controller of Certifying Authorities (CCA).

4. What is Aadhaar Paperless Offline KYC?

It is a secure sharable document which can be used by any Aadhaar number holder for offline verification of Identification. Aadhaar holder will download the document, which contain Name, Address, Photo, Gender, DOB, Mobile Number (In hashed form) and Email Address (In hashed form) in a digitally signed XML. However, this document does not contain Aadhaar number.

5. How to share this Paperless Offline eKYC document with the ESP?

Aadhaar holders can share the XML ZIP file along with the Share Code to ESP as per their mutual convenience.

6. What are the modes on which OTP shall be received by Aadhaar holder for authentication purpose in eSign 2.1?

e-Hastakshar enables Document signer to receive the OTP on registered Mobile number. In case mobile number is not registered with Aadhaar, an error code of 112 will be returned.

7. Is biometric supported in esign 2.1?


8. Is biometric supported in esign 3.0?


9. Is it mandatory to create signer ID in eSign 3.0?

Yes, it is mandatory to create signer ID for offline process.

10. What is the validity of Offline KYC XML?

3 Months

11. What is the validity of signer ID?

2 Years.

12. What are the main features of eSign 2.1 specifications?

eSign 2.1 facilitates capturing of Authentication ID and authentication data of the individual to be carried out by ESP. eHastakshar uses the service of UIDAI for authenticating the document signer through its e-KYC mechanism.

13. What are the main features of eSign 3.0 specifications?

    Features of eSign 3.0:
  • One time registration process is defined between an eSign User and eSign Service Provider (ESP) based on offline Aadhaar eKYC XML.
  • eSign CA also maintains eKYC data of verified users for issuance of DSC
  • Once verified, eKYC data can be used for 2 years
  • For each DSC issuance, 2 factor authentication is required
  • Authentication modes supported: OTP/TOTP/MobileAccessToken with PIN (currently C-DAC supports only OTP with PIN)
  • Up to 5 document hashes can be signed in a single transaction
  • Signer can view document submitted for signing at ESP Authentication Page and can de-select a document for signing

14. Is bulk signing supported eSign 2.1? If so details.


15. Is bulk signing supported in eSign 3.0? If so details.

Yes, Up to 5 document hashes can be signed in a single transaction

16. What are the modes on which OTP shall be received by Aadhaar holder for authentication purpose?

e-Hastakshar enables Document signer to receive the OTP on registered Mobile number based on eKYC service.

17. What is licensing model of APIs?

Not Applicable

18. What is eSign API license key?

It is the ASP-ID given by ESPs after sharing required details with ESPs. Refer

19. How to ensure that the ASP-ID will remain unique?

C-DAC will allocate and will ensure the uniqueness.

20. ASP should make sure that the affixing of digital signature to document or storage of digital signature only after the signatory's approval of contents of certificate and signature.

ESP will return the signed hash of the document along with the document signer's public certificate. ASP has to affix/store the digital signature after presenting the details to the signer and taking their explicit consent for the same.

21. What are the different security and audit requirement to be carried out for the ASP application?

There are two aspects of security and audit assessment to be carried out: a) Security assessment of the application by ICERT empaneled agency where the security threats, vulnerabilities etc. are carried out for the ASP application and its environment (OS, web server etc.) b) Application audit to be carried by IS certified auditor to ensure the application data, logs etc. are maintained as per Annexure-11.

22. Whether eSign online Electronic Signature Service is a replacement for the existing Digital Signature?

No. The existing method of obtaining Digital Signature Certificate by submission of a paper application form to a Certifying Authority, key pair generation by applicant Certification of public key of applicant by a Certifying Authority, signature generation as and when required using signature generation tools/utilities , safe custody of key pairs on Crypto tokens by DSC holder till the expiry of Digital Signature Certificate, etc. will continue to exist along with eSign Online Electronic Signature Service . The Application Service Provider determines the suitability of eSign Online Signature service in their application.

23. Is my privacy protected?

Yes. Document content that is being signed is not sent in the clear to eSign service provider. The privacy of signer's information is protected by sending only the one-way hash of the document to eSign online Electronic Signature Service provider. Each signature requires a new key-pair and certification of the new Public Key by a Certifying Authority. This back-end process is completely transparent to the signer. In addition, e-KYC data based on offline Aadhaar XML is not sent back to the Application Service Provider and is retained only within the eSign provider as the e-KYC audit record.

24. How much does it cost to use eSign?

The payment model can be mailed to you upon request.

25. Can we control the e-signature appearance? Is that configurable? Can we use our own logo/font? Can we control the size and placement of the signature box on the document?

Yes, it is customizable.

26. Can the same document be signed by multiple people?

Yes, it can be signed by multiple people. It will involve multiple transactions, involving the same document.

27. If the internet connection is lost during an eSign request process - Is the entire process re-initiated or does it resume from the point when the internet connection was lost, once the internet connection is available?

The transaction will have to be re-initiated.

Download C-DAC CA CPS
Download Certificate of C-DAC CA
Download CRL


ASP Onboarding:

Integration Steps
Download ASP Request Form


Related links:

What is a Digital Signature?
e-Sign Service
Benefits of e-Sign Service
Contact Us