Bangalore Office: eMudhra Consumer Services Ltd. 3rd Floor, Sai Arcade, Outer Ring Road, Devarabeesanahalli, Bangalore – 560103. Karnataka, India Phone: +91 80 43360000 Fax: +91 80 42275306 Email: info@e‐mudhra.com For Corporate sales enquiry Email:
[email protected] Website: www.e‐mudhra.com Blog: http://emudhradigitalsignature.blogspot.in/ Related Website: www.taxsmile.com, www.xygle.com ABOUT E‐MUDHRA eMudhra Consumer Services Limited is a licensed Certifying Authority under the Information Technology Act of India issuing digital signature certificates in India since 2008. eMudhra offers various web and mobile based technology solutions to Indian consumers. Online income tax filing website – Taxsmile is one of the flagship product of eMudhra, and is an eReturn Intermediary authorized by The Directorate of Income Tax, Government of India. eMudhra is also authorized by The Reserve Bank of India to operate a Mobile Wallet under the brand, YPayCash. Path‐breaking patented Mobile applications such as mobile retail Xygle, secured communications and semantic technology are other offerings from eMudhra. eMudhra is a first of its kind consumer servicing organization that provides a host of innovative Do‐It‐Yourself solutions to Indian consumers that meet their Financial, Legal and Statutory requirements. About Digital Signature A digital signature is an electronic signature used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. It can be used with any kind of message, whether it is encrypted or not, simply so that the receiver can be sure of the sender's identity and that the message arrived intact. Digital Signature Certificates can be used for eFiling of Income Tax Returns, eTendering in India on Government Websites such as Indian Railway Catering and Tourism Corporation, and also Director General of Foreign Trade, Ministry of Corporate Affairs and Registrar of Companies Applications.
Download DSC | Search Certificate | Revoke | Renew DSC
e‐mudhra.com
Page 1
SHORT FORM à
Certificate Policy (CP)
à
Certificate Practice Statement (CPS)
à
Certificate Revocation List (CRL)
à
Certifying Authorities (CA)
à
Certifying Authority of India (RCAI)
à
Controller of Certifying Authorities (CCA)
à
Digital Signature Certificates (DSC)
à
eMudhra Authentication Server (eMAS)
à
National Repository of Digital Signature Certificate (NRDC)
à
Registration Authorities (RA)
à
Registration Authority (RA)
à
Relying Party Agreement (RPA)
à
Subscriber Party Agreement (SPA)
e‐mudhra.com
Page 2
CYBER FRAUD – WHY WORRY? Because, Cyber Crime usually has an impact on three things close to us – Identity, Privacy and Finances. A unique feature of cybercrime is that the consequences aren’t ‘visible’ instantaneously as with other forms of crimes like murder, burglary, kidnapping, etc. Also, the time interval between the occurrence of the crime and the victim’s realization can sometimes be so long as to eliminate all possibilities of collecting appropriate evidence. Identity loss can be extremely damaging to one’s finances and reputation. Fraudsters wait for those moments when there is a compromise in basic security precautions while negotiating electronic identity and steal the identity. The victims could be individuals as well as institutions that handle internet money transactions. Types of Cyber Fraud Internet Fraud A very common form of Internet fraud is the distribution of rogue security software. Internet services can be used to present fraudulent solicitations to prospective victims, to conduct fraudulent transactions, or to transmit the proceeds of fraud to financial institutions or to others connected with the scheme. Phishing Identity Theft Identity theft is a form of stealing someone's identity in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name. Identity theft occurs when someone uses your personally identifying information, like your name, user id or credit card number, without your permission, to commit fraud or other crimes. Phishing Phishing refers to the process of imitating legitimate companies in emails or creating fake Web sites designed to look like a legitimate Web site in order to entice users to share their passwords, credit card numbers, and other personal information. The perpetrator then uses the information to steal the target's identity or to sell that identity to others. Users need to be educated not to give away personal information in response to an unsolicited email. Man‐in‐the‐Middle Attack The phrase "Man‐in‐the‐Middle Attack" is used to describe a computer attack during which the cybercriminal funnels communication between a consumer and a legitimate organization through a fake Web site. In these attacks, neither the consumer nor the organization is aware that the communication is being illegally monitored. The criminal is, in effect, in the middle of a transaction between the consumer and his or her bank, credit‐card Company, or retailer. The man‐in‐the‐middle server electronically “eavesdrops” on every keystroke, giving the criminal username, password, and account information. They employ Spyware and other Malware that when loaded on the consumer’s computer redirects the Web browser to the fake site. The most technically competent manipulate the real Web site so that visitors are directed to the fake site.
e‐mudhra.com
Page 3
Protection against Cyber Frauds Digital Signature Certificates (DSC) is considered to be one of the strongest tools to Cyber Security. DSC uses a very complex algorithm to generate a pair of asymmetric keys – Public and Private Key, wherein the private key is held securely by the user and public key is available publicly. When a user appends DSC to an electronic document or electronic transaction, the private key hashes the content of the document or transaction and uses the private information of the user in the private key to sign the document or transaction and this document or transaction is encrypted at the signor’s end. This signed document or transaction is verified with the corresponding public key and decrypted by the authorized person. DSCs is issued to an individual through an identity verification process as stipulated by Information Technology Act in India and hence acts as an authenticating tool. For example in the case of electronic banking and statutory efilings. DSCs are given a legal sanctity in India under the Information Technology Act and hence it serves as an evidence under the law and the signor cannot repudiate his / her act at a later stage. The digitally signed document or transaction is encrypted at the signor’s end and gives the protection against hacking or man‐in‐the‐middle attacks. The signature will become invalid if there is any change to the content and thereby ensures integrity and confidentiality of the content. DSCs are issued by licensed Certifying Authorities under the Ministry of Information Technology, Government of India as per the Information Technology Act.
e‐mudhra.com
Page 4
RECOURSE If you feel that you are the victim of a cybercrime, as per the amendments to the Information Technology Act 2000, the minimum rank of investigation of cybercrimes is POLICE INSPECTOR and any jurisdictional police station can register and investigate. You could also contact your nearest Cyber Crime Police Station. Bangalore: Cyber Crime Police Station, CID Annexe Building, Carlton House, # 1, Palace Road, Bangalore ‐ 560001. Telephone: 080 ‐ 22942475, 080‐ 22943050 E‐Mail:
[email protected] Chennai: Assistant Commissioner of Police Cyber Crime Cell Commissioner office Campus Egmore, Chennai‐ 600008 Telephone: +91‐40‐5549 8211 E‐mail id:
[email protected] Delhi:CBI Cyber Crime Cell: Superintendent of Police, Cyber Crime Investigation Cell Central Bureau of Investigation, 5th Floor, Block No.3, CGO Complex, Lodhi Road, New Delhi – 3 Telephone: 011‐4362203, 011‐4392424 E‐Mail:
[email protected] Hyderabad:Cyber Crime Police Station Crime Investigation Department, 3rd Floor, D.G.P. Pffice Lakdikapool, Hyderabad – 500004 Telephone: 040‐2324 0663, 040‐2785 2274 E‐mail id:
[email protected],
[email protected] Kolkata: Public Grievance Cell 2250‐5134 / 5340 E‐Mail:
[email protected] Cyber Police Station Telephone: 2214‐3000 / 3004 / 1420 E‐Mail:
[email protected] Mumbai: Cyber Crime Investigation cell, Annex III, 1st floor, Office of the Commissioner of Police, D.N.Road, Mumbai ‐ 400001 Telephone: 022 ‐ 24691233 Email:
[email protected]
e‐mudhra.com
Page 5
OUR TOOLS
eMAS (eMudhra Authentication Server) e‐Mudhra Authentication Server is a pluggable server with strong access control to online applications and maintains records of transactions. e‐MAS offers a list of features like effective authentication, integrity, non‐ repudiation , hence most suited for applications which require high level security. e‐Mudhra Web Signer e‐Mudhra Web Signer, an online form signing solution can be easily integrated into the existing workflow. The solution supports the signing of Text, Image, XML and PDF forms. The solutions can be customized according to the needs of the clients enabling them to reap maximum output out of the implemented solution. eForm 16 The e‐F16 is an application developed to help companies avoid the cumbersome process of physically printing and Signing & Distributing the Form 16s, and transition to a greener way of e‐mailing Digitally‐Signed Form 16S into employees' mailboxes. ePDF Signer ePDFSigner is a desktop application that makes it easy to use digital signatures, and strong encryption on business documents. By using ePDFSigner, anyone can easily sign or protect a business document. These might be internal or external financial, HR, legal, sales and marketing, support services, compliance, R&D, or consultancy documents.
e‐mudhra.com
Page 6
F.A.Q DIGITAL SIGNATURES AND CERTIFICATESE What is a Digital Signature? A digital signature is an electronic form of a signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and also ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable and cannot be imitated by someone else. The ability to ensure that the original signed message arrived means that the sender cannot easily disclaim it later. What is a Digital Signature Certificate (DSC)? Digital Signature Certificates (DSC) is the electronic format of physical or paper certificate like a driving License, passport etc. Certificates serve as proof of identity of an individual for a certain purpose; for example, a Passport identifies someone as a citizen of that country; who can legally travel to any country. Likewise, a Digital Signature Certificate can be presented electronically to prove your identity, to access information or services on the Internet or to sign certain documents digitally. Why do I need a Digital Signature Certificate? A Digital Signature Certificate authenticates your identity electronically. It also provides you with a high level of security for your online transactions by ensuring absolute privacy of the information exchanged using a Digital Signature Certificate. You can use certificates to encrypt information such that only the intended recipient can read it. You can digitally sign information to assure the recipient that it has not been changed in transit, and also verify your identity as the sender of the message. Where can I purchase a Digital Signature Certificate? Legally valid Digital Signature Certificates are issued only through a Controller of Certifying Authorities (CCA), Govt. of India, licensed Certifying Authorities (CA), such as eMudhra. eMudhra, a Certifying Authority (CA) licensed by CCA, offers secure digital signatures through various options tailored to suit individual as well as organizational needs. Where can I use Digital Signature Certificates? You can use Digital Signature Certificates for the following: à à à à à
For sending and receiving digitally signed and encrypted emails. For carrying out secure web‐based transactions, or to identify other participants of web‐based transactions. In e‐Tendering, e‐Procurement, MCA [for Registrar of Companies e‐filing], Income Tax [for e‐filing income tax returns] Applications and also in many other applications. For signing documents like MS‐Word, MS‐Excel and PDFs. Plays a pivotal role in creating a paperless office.
e‐mudhra.com
Page 7
How does a Digital Signature Certificate work? A Digital Signature Certificate explicitly associates the identity of an individual/device with a pair of electronic keys ‐ public and private keys ‐ and this association is endorsed by the CA. The certificate contains information about a user's identity (for example, their name, pincode, country, email address, the date the certificate was issued and the name of the Certifying Authority that issued it). These keys complement each other in that one does not function in the absence of the other. They are used by browsers and servers to encrypt and decrypt information regarding the identity of the certificate user during information exchange processes. The private key is stored on the user's computer hard disk or on an external device such as a token. The user retains control of the private key; it can only be used with the issued password. The public key is disseminated with the encrypted information. The authentication process fails if either one of these keys in not available or do not match. This means that the encrypted data cannot be decrypted and therefore, is inaccessible to unauthorized parties. Are Digital Signatures Certificate legally valid in India? Yes, subsequent to the enactment of Information Technology Act 2000 in India, Digital Signature Certificates are legally valid in India. Digital Signature Certificates are issued by licensed Certifying Authorities under the Ministry of Information Technology, Government of India as per the Information Technology Act. What is the difference between a Digital Signature and a Digital Signature Certificate? A digital signature is an electronic method of signing an electronic document whereas a Digital Signature Certificate is a computer based record that à à à à à
Identifies the Certifying Authority issuing it. Has the name and other details that can identify the subscriber Contains the subscriber's public key. Is digitally signed by the Certifying Authority issuing it. Is valid for either one year or two years.
e‐mudhra.com
Page 8
F.A.Q DIGITAL SIGNATURE USAGE Can I use one Digital Signature Certificate for multiple e‐mail addresses? No, you cannot. A digital signature certificate can have only one email address.
Can I use digital signature certificate in e‐tendering systems? Digital signature certificates in e‐tendering systems are allowed, but based on the service provider.
Can digital signature certificates be used in wireless networks? Yes, digital signature certificates can be employed in wireless networks.
Am I allowed to use one web server certificate (SSL) for more than one website? No. You will not be able to use one SSL certificate on different websites with different domain names because the certificate is explicitly associated with the exact host and domain name. A wild card SSL certificate can be issued that can support different sub domains like abc.emudhra.com, def.emudhra.com etc.
e‐mudhra.com
Page 9
F.A.Q REGULATORY What is a Certifying Authority (CA)? A Certifying Authority is a trusted agency whose central responsibility is to issue, revoke, renew and provide directories for Digital Signature Certificates. According to Section 24 of the Information Technology Act 2000, "Certifying Authority" means a person who has been granted a license to issue Digital Signature Certificates. Who can be a Certifying Authority (CA)? The IT Act 2000 details the prerequisites of a CA. Accordingly, a prospective CA has to establish the required infrastructure, get it audited by the auditors appointed by the office of Controller of Certifying Authorities. Subsequent to complete compliance of all requirements, a license to operate as a Certifying Authority can be obtained. The license is issued by the Controller of Certifying Authorities, Ministry of Information Technology, Government of India. What is a Registration Authority (RA)? A RA (Registration Authority) is an agent of the Certifying Authority who collects the application forms and related documents for Digital Signature Certificates, verifies the information submitted and approves or rejects the application based on the results of the verification process. What is the role of CCA? The Controller of Certifying Authorities (CCA) is a Government of India undertaking that license and regulate the working of Certifying Authorities. The CCA certifies the public keys of CAs, which enables users in the cyberspace to verify that a given certificate is issued by a licensed CA. For this purpose, CCA operates, the Root Certifying Authority of India (RCAI). The CCA also maintains the National Repository of Digital Signature Certificate (NRDC), which contains all the certificates issued by all the CAs in the country. What is NRDC? In accordance with Section 20 of the IT Act, NRDC is a national repository maintained by the CCA that contains all Digital Signature Certificates and CRLs issued by all the licensed CAs. It also contains all the Digital Signature Certificates and CRLs issued by the CCA through its RCAI. All Relying Parties are allowed to verify the authenticity of a CA's public keys from this repository.
e‐mudhra.com
Page 10
What is RCAI? RCAI is the Root Certifying Authority of India. It was established by the CCA under Section 18(b) of the IT Act and is responsible for digitally signing the public keys of all the licensed CAs in the country. The RCAI root certificate is the highest level of certification in the country. The RCAI root certificate is a self‐signed certificate. The key activities of the RCAI include: à à à
Digitally signing licenses issued by CCA to CA Digitally signing public keys corresponding to private keys of a CA Ensuring availability of these signed certificates for verification by a Relying Party through the CCA or CA website
e‐mudhra.com
Page 11
F.A.Q REPOSITORY What is a CRL? The Certificate Revocation List (CRL) is a list of certificates that have been revoked by the CA, and are therefore no longer valid. What is a CPS? The Certificate Practice Statement (CPS) is a statement of the practices that a Certification Authority (CA) employs for issuing and managing certificates. A CPS may take the form of a declaration by the CA of the details of its system's trustworthiness and the practices that it employs both in its operations and in its support of issuance of a certificate. What is a CP? Certifying Authorities issue Digital Signature Certificates that are appropriate to specific purposes or applications. A Certificate Policy (CP) describes the different classes of certificates issued by the CA, the procedures governing their issuance and revocation and terms of usage of such certificates, besides information regarding the rules governing the different uses of these certificates. What is Subscriber Agreement? A Subscriber Agreement is an agreement between Subscriber and e‐Mudhra CA stating that the subscriber will use the Digital Signature Certificate for the assigned use or objective and that the subscriber is solely responsible for the protection of the private key and ensuring functionality of the unique key pair. The subscriber also agrees through the Subscriber Agreement that all the information provided to e‐Mudhra CA at the time of registration is accurate. In the event of any change in information, the subscriber is obliged to immediately inform e‐Mudhra CA. e‐Mudhra CA is not responsible for any legal disputes arising due to misrepresentation on the part of the subscriber.
e‐mudhra.com
Page 12
PRICE As on 10‐Oct‐2013 Class of e-Mudhra Digital Signature Certificate
Validity in Years
MRP in INR
Class 2 Gold Individual
One Two
1000 1300
Class 2 Gold Organisation
One Two
1200 1500
Class 3 Platinum Individual
One Two
2400 2800
Class 3 Platinum Organisation
One Two
2500 2900
DGFT
One Two
4200 4700
Terms of Pricing à à à à
The prices indicated are on per DSC basis. The prices indicated above are inclusive of Service Tax of 12.36%. The prices indicated are exclusive of token price. The prices are subject to change without prior notice.
For information and pricing of other solutions and services, please get in touch with us.
e‐mudhra.com
Page 13
SUPPORT Directly access important information on support documentation, agreements, certification and a number of other important documentation that you need in order to efficiently obtain your Digital Certificate and use it effectively
e‐mudhra.com
Page 14
SUPPORT SUPPORTING DOCUMENTS Support documents are mandatory when applying with e‐Mudhra for Class 2 Gold and Class 3 Platinum Digital Signature Certificates. For an individual Attested copy of any one of the following as Valid Identity Documents (attestation may be by any Post Master/ Gazetted Officer/ Bank Manager) a. Passport b. Driving License c. PAN card d. Post Office ID Card e. Bank Account Passbook containing the Photograph and signed by an individual with attestation by the concerned Bank official f. Photo ID Card issued by the Ministry of Home Affairs of Centre/State Government g. Any Government issued photo ID Card bearing the signature of the individual Attested copy of any one of the following as Address Proof Documents (attestation may be by any Post Master/ Gazetted Officer/ Bank Manager) a. Telephone Bill b. Electricity Bill c. Water Bill d. Gas Connection e. Bank Statements signed by the Bank f. Service Tax/ VAT/ Sales Tax registration certificate g. Property Tax/ Corporation/ Municipal corporation receipt h. Driving License i. Voter ID Card j. Passport k. Certificate of Registration for owned Vehicle Note: For A to E the date of last transaction should not be older than 3 months, for Sr.No. F & G the same should be pertain to the current financial year. All documents should have the complete address for the purpose of accepting the same as proof.
e‐mudhra.com
Page 15
For an Organization Attested copy of any one of the following as Valid Identity Documents (attestation may be by any Post Master/ Gazetted Officer/ Bank Manager) a. Passport b. Driving License c. PAN card d. Post Office ID Card e. Bank Account Passbook containing the Photograph and signed by an individual with attestation by the concerned Bank official f. Photo ID Card issued by the Ministry of Home Affairs of Centre/ State Government g. Any Government issued photo ID Card bearing the signature of the individual True copy of any one (from the Company Secretary/ Director/ Partner of the organization) a. Certificate of Incorporation b. Memorandum of Association/ Articles of Association c. Partnership Deed d. Valid Business License True copy of any one (attested by Company Secretary/ Director/ Partner of the organization) a. Annual Report b. Income Tax Return c. Bank Details of the organization from the Bank d. Statement of Income issued by Chartered Accountant
Authorization letter in favor of the certificate applicant from the organization List of Partners/Members/Directors with their complete name and address details Domain Name registration proof from the registrar of Domains (if applying for Server Certificate)
e‐mudhra.com
Page 16
SUPPORT AGREEMENT Subscriber Party Agreement (SPA) The SPA is a mutual arrangement between the Subscriber and e‐Mudhra that details the various terms and conditions that the Subscriber has agreed to adhere to and abide by from the period of issue till the expiry of certificate. This agreement forms the basis with which the e‐Mudhra Digital Certificate is issued to the subscriber. The subscriber is expected to provide true and up‐to‐date information to e‐Mudhra CA, including communication of any changes in information occurring after the issue of certificate. In the absence of transparency of information, e‐ Mudhra CA has the right to revoke the certificate. The subscriber is also expected to follow the terms mentioned in the CPS and not misuse the Digital Certificate. Download
Relying Party Agreement (RPA) If your web‐based service or application relies on e‐Mudhra certificates for digital signatures, we recommend that you read our Relying Party Agreement before validating any digital signature certificate issued by us or otherwise accessing or using e‐Mudhra database of certificate revocations and other information. The relying party is required to abide by the rules set forth in the CPS and is solely responsible for the appropriateness of the use of the e‐Mudhra Digital Signature Certificate. They shall not hold e‐Mudhra CA and Registration Authorities (RA) responsible for assessing the appropriateness of the use of such Certificate Download
e‐mudhra.com
Page 17
SUPPORT APPLICATION FORMS e‐Mudhra offers you three classes of Digital Signature Certificates. The application and validation requirements vary for each class of certificate. Class 2 Gold and Class 3 Platinum require more rigorous verification processes. Please refer Support Documents section for more details regarding these processes. Download Application Forms
e‐mudhra.com
Page 18
SUPPORT CPS The Certification Practice Statement (CPS) issued by e‐Mudhra, the Certification Authority (CA) of eMudhra Consumer Services Limited, specifies the standard practices for issuing and managing your Digital Certificates. It encapsulates the most important rights, responsibilities and liability issues related to your certificate. e‐Mudhra CPS clearly defines the requirements and scope of the following: à à à à à à à à à à à
Appropriate application for various classes of certificates Assurance level associated with each class Obligation of Primary CA, Policy CA, Sub‐CA, Registration Authority (RA), Subscriber and Relying parties Legal matters that are covered in subscriber agreements and relying party agreements. Audit and related security and practice reviews undertaken by company Methods used for identification and verification of subscriber for various certificates Operational procedures for certificate applications, issuance, acceptance, revocation, and renewal Physical, personnel, cryptographic private key and logical security Operational security procedures for audit logging, records retention and disaster recovery Certificate and certificate revocation list (CRL) content Administration of CPS, including methods of updating it
Download latest version of CPS
e‐mudhra.com
Page 19
SUPPORT CRL The Certificate Revocation List (CRL) is issued periodically and displays a list of Digital Certificates that have been revoked prior to their expiry. The list displays the subscribers who have revoked their certificates and the reason for revocation and is digitally signed by e‐Mudhra CA. When a potential user attempts to access a server, the server allows or denies access based on the CRL entry for that particular user. The CRL is updated and published every 24 hours, irrespective of changes to the list. Your revoked certificate will be published in the CRL within 4 hours after revocation. Expired certificates for which the 30‐day time period has elapsed are automatically deleted from the list. Download CRL
e‐mudhra.com
Page 20
SUPPORT CA CERTIFICATES The e‐Mudhra Certifying Authority (CA) Certificate is part of the Certificate Chain of trust that also includes the root certificate issued by the Controller of Certifying Authorities (CCA) and your digital certificate. Your digital certificate is validated when you digitally sign or encrypt S/MIME messages or make HTTPS connections with the e‐Mudhra certified CA website. This validation is completed only if you have downloaded and installed the CCA and e‐Mudhra CA certificates, thereby completing the Certificate Chain. e‐Mudhra is a licensed Certifying Authority (CA) and is authorized by the Controller of Certifying Authorities (CCA), Government of India, to issue legally valid Digital Certificates in India under the Indian IT Act 2000. à
Please refer FAQ section for details on how to install CCA and e‐Mudhra CA certificates.
à
The CCA and e‐Mudhra CA certificates are available in the Downloads section.
e‐Mudhra offers three classes of Digital Signature Certificates for personal and commercial use. You can select the certificate class that best suits your requirements. Class 2 Gold Class 3 Platinum Class 2 and Class 3 are managed certificates and are available for individuals, organizations and devices. They are applicable in all environments where proof of identity is an obligation. They are issued only after suitable verification processes have been completed by an RA or Sub‐CA organization. Please refer Support Documents section for more details on requirements for successful identity verification. Download CA Certificates
e‐mudhra.com
Page 21
SUPPORT DOWNLOAD CERTIFICATE
Important Notice: Compatibility: à à
Compatible Operating Systems: Microsoft Windows 2000, XP, 2003, Vista ,Windows 7 Compatible browsers: Microsoft Internet Explorer 6.0 and above
Pre‐requisites: à
Add www.e‐mudhra.com to the 'Trusted Sites' list of the browser. Click here in case you need the procedure for the above. Enable Active X controls in the Internet Explorer browser. Click here in case you need the procedure for the above. If you are downloading certificate into USB token, install the token drivers "Click Here to download drivers". Download e‐Mudhra Certificate Trust Chain and right click on same and select "Install".
à à à
Important Note: à à à à à
If you have asked for a soft token please do not insert any USB/Crypto token in the machine during download. The certificate will be available in the browser as per the path below. Tools > Internet Options > Content > Certificates > Personal If you are using USB token please install the respective drivers and plug in the token before you start download. Do not close the browser till the certificate is downloaded.
e‐mudhra.com
Page 22
Now employers in India can use eMudhra Class 2 Gold or Class 3 Platinum Digital Signature Certificates for submitting their employee PF transfer claim form online. eMudhra digital signature certificates make your work more easier, convenient and cost saving in handling your employee PF transfer claim forms. Now the authorized signatories of employer’s can digitally sign using eMudhra digital signature certificates and submit the form online in Employer Online Transfer Claim Portal. Digital Signature Certificate and Employer Online Transfer Claim Portal: EPFO has introduced a new system to facilitate online submission of transfer claims by Members with an objective to make the transfer process transparent, efficient and comfortable for your employees. A member has an option to submit his claim either through his present employer or the previous one. Employer can see all such claim requests with ease, verify/correct member details, approve and submit the requests online through this portal. For online submission of the claims, the Digital signature (eMudhra Class 2 or above) of the authorized person is required. There are various types of Digital Signature Certificates that cater to specific needs. While digitally singing in Employer Transfer Claim portal, a Digital Signature Certificate of Class 2 and Class 3 category is required. A Class 2 Digital Signature Certificate is available for download after verification based on a trusted and pre‐verified database. A Class 3 Digital Signature Certificate, on the other hand, is of a higher level as it is issued only after the registrant’s identity verification has been done by a Registration Authority.
e‐mudhra.com
Page 23
Steps to obtain Digital Signature Certificate for EOTC portal: Authorized signatories of the employer’s can obtain a valid Class 2 digital signature certificate from eMudhra and register in EOTC portal by following below mentioned simple steps:
e‐mudhra.com
Page 24
