FAQ on Digitally Signed Contract Note

Digital Signature Certificates

Digitally Signed Contract Notes


  • What is the legal framework for digitally signed documents?
  • Government has enacted the IT Act 2000 on 7th June 2000 with an aim to provide a legal and regulatory framework for promotion of e-Commerce and e-Governance. The Act contains the provisions with regard to Legal recognition of digital signatures, security procedure for electronic records and digital signature, appointment of Certifying Authorities and Controller of Certifying Authorities, Issue of license to Certifying Authorities to issue digital signature certificates, etc. among other legislative provisions. Use of electronic records or digital signature would be valid in Government and its agencies as per the provision of the Act

  • What is a digital signature?

A digital signature should not be confused with a digitized signature (a scan of a hand-written signature).

A digital signature is an encryption and decryption process that does two things

    1. positively identifies the author of an electronic message (who has digitally signed the message)
    2. Verifies the integrity of the message (that it has not been tampered with during its transmission).

Digital signatures are based on the RSA public key encryption system. In this system the author of a message keeps his/her private key secret and publishes the corresponding public key. Any text encrypted with the private key can be decrypted with the public key, and vice versa. However, the knowledge of the public key is not sufficient to deduce the private key.

Therefore the holder of a public key cannot pretend to be the holder of the corresponding private key.

  • How does a digital signature look like?

A sample digital signature looks as under:





  • Can you actually see the signer's handwritten signature?

No, there is no relationship to the signer's handwritten signature. The visible portion of the digital signature contains the signer's name, title and organization name, along with the certificate serial number and the Certifying Authority name.

  • What is a Digital Signature Certificate?

A digital signature certificate is a computer-generated record. It contains the identity record. It contains the identity of the subscriber (holder of the certificate), the public key which is digitally signed by the Certifying Authority. The digital signature certificate is associated with both a public key and a private key.

  • Who can issue a digital signature certificate to a subscriber?

A Certifying Authority can issue a digital signature certificate to a subscriber. The IT Act and the Certifying Authorities Rules framed under the Act stipulates the methods for issuance of a digital signature certificate.

  • What is a Certification Authority?

A Certification Authority is a trusted third party that verifies the identity of an applicant registering for a digital certificate. Once a Certification Authority is satisfied as to the authenticity of an applicant's identity, it issues that person a digital certificate binding his or her identity to a public key. In case of ICICIdirect, the certifying authority is Safe Scrypt.

  • Have Certifying Authorities been appointed by the Controller?

Yes, the Controller of Certifying Authorities has appointed Safe Scrypt as the first Certifying Authority in India.

  • Can a digital signature be forged?

Not likely. It is protected by several layers of highly complex encryption.

With digital signatures, forgery is -much more difficult than forging a handwritten signature. First, a digital signature is more of a process than just affixing a signature. For example, when the document is "digitally signed," the digital software scans the document and creates a calculation, which represents the document. This calculation becomes part of the "digital signature." When the recipient authenticates the signature, a similar process is carried out. The sender's and the receiver's calculations are then compared. If the results are the same, the signature is valid; if they are different, the signature is not valid.

  • How does a digital signature work?

We would explain it with simple example digitally signed emails.

Suppose A and B wishes to correspond electronically. A wants to assure B that he originated the electronic message, and that its contents have not been tampered with. A can do so by signing the message with his digital signature.

When A clicks on the digital signature option on his e-mail application, a mathematical formula known as a hash function is applied to the message, The message is converted it to a fixed-length string of characters called a "message digest". The digest acts as a "digital fingerprint" of the original message. If the original message is changed in any way, it will not produce the same message digest when the hash function is applied again. A's software then encrypts the message digest with his private key, producing a digital signature of the message. He transmits the message and digital signature to B.

B uses A's public key to decrypt the digital signature, revealing the message digest. Since only A's public key can decrypt the digital signature, he is able to verify that A was the sender of the message. To verify the message content, B's software applies the hash function to the message he received from A. The message digests should be identical. If they are, B knows the message has not been changed and he is assured of its integrity.

Digitally Signed Contract Notes

  • How is ICICIdirect making use of this technology?

ICICIdirect is making use of this technology to sign the contract notes digitally and making the same available online. Digitally signed contract notes would be made available to the customers by evening on the trading day itself. Features include the provision to verify the authenticity of the digital signatures.

SEBI has permitted issuance of digitally signed contract notes vide its Circular (SMDRP/POLICY/CIR-56/00 dated December 15, 2000), With the appointment of Certifying Authorities, and the approval from SEBI, Digitally Signed Contract Notes are now acceptable as legally valid document

  • How can I view the Digital Singed Contract Note?

After you log in, you would have to go to the customer service page. There you will have to click on the link for Digital Contract Note. You would have to select the details and click on 'verify'.

  • Will I continue to receive physical contract notes?

ICICIdirect would send a consolidated physical statement for the transactions done during the quarter. This statement would be designed in a very user friendly format and will be sent to you physically, once in a quarter.

  • Do I pay anything for the Digital Signed Contract Notes?

No. You do not have to pay anything for the Digital Signed Contract Notes.


  • Can I print the Contract Note?

Yes, there is an option of both saving as well as printing the Contract Note.


  • For what duration would the Digital Signature Certificate be available on the website?

You can view the Digital Signature Certificate on the website upto seven years.