Aadhaar Online eSign

About

Aadhaar eSign is a recognised electronic signature under the IT Act that has become the most popular mode of eSign in India. This is because of 2 primary reasons:

  1. Signers can eSign from anywhere, using any Internet enabled device like a smartphone or a tablet.
  2. A signer does not need to procure a physical token. All they need to have to perform an Aadhaar eSign is possess a valid Aadhaar number and possess an Aadhaar linked mobile number/email ID
Aadhaar eSign

From the signer’s perspective, eSign via Aadhaar is extremely simple. Here are the steps for the most popular Aadhaar flow - eSign via OTP - a process that can be completed in less than a minute:

  1. The signer opens the document via a signing link sent to them via an Application Service Provider
  2. The signer views the document and gives consent to Aadhaar eSign
  3. The signer is redirected to the page of the Aadhaar eSign Service Provider (like NSDL or Verasys)
  4. The signer enters their Aadhaar number and gives consent again
  5. Signer enters the OTP they receive on their phone/email - and the eSign is completed

Legal Validity

By virtue of Sections 2(1)(ta), 3A, 5 and the Second Schedule of the Information Technology Act, 2000, signing an electronic document with an Aadhaar eSign is a legally valid mode of executing a document.

In many global jurisdictions, electronic signature can be any digital representation of a sign e.g a stylus based signature. Electronic signatures in India on the other hand are very specifically defined under the IT Act. 

As per Section 2(1)(ta), an electronic signature includes any technique outlined in the Act's Second Schedule.

Section 3A demands a technologically neutral level of "reliability" for an eSign type to be recognized by the Central Government in the Second Schedule. In 2015, the government legally endorsed Aadhaar eSign, incorporating it into the Second Schedule (Gazette Notification No. 2015 Jan – GSR 61(E)), which details its technological and regulatory framework.

Section 5 of the IT Act grants electronic signatures identical validity to wet-ink signatures, i.e., an “electronic signature” like Aadhaar eSign is seen as legally identical to a wet-ink physical signature. 

Electronic signatures like Aadhaar eSign can therefore be used to legally sign all types of documents.

The only narrow exception - where Aadhaar eSign cannot be used - are  documents listed in the First Schedule of the IT Act, 2000.

Here is a handy table which tells you where can you legally use Aadhaar eSign:

eSign type
Documents listed in the First Schedule of the IT Act
ALL other types of documents
Aadhaar eSign
Image
Image
eSign type
Aadhaar eSign
Documents listed in the First Schedule of the IT Act
Image
ALL other types of documents
Image

Legal Enforceability

The legal enforceability of any eSign type depends on:

  1. How well it can establish the identity of the signer (Authentication)
  2. Whether the document can be altered after the signatures are affixed (Integrity)
  3. Whether the parties can deny their acceptance of the terms and conditions at a later stage (Non-repudiation)

An Aadhaar eSign is very easy to enforce because it performs these 3 functions very well at a technological level:

eSign type \ Goal
Authentication
Integrity
Non-repudiation
Aadhaar eSign
Image
  • The underlying technology (secure key pair encryption/decryption) helps to clearly establish the signer’s identity, details of which are contained in the electronic signature certificate that is digitally signed by the Certifying Authority, a neutral entity
Image
  • The underlying technology (asymmetric crypto system + hash matching process) ensures that anyone opening the document on a PDF reader is alerted if the document has been altered after the signatures were affixed.
Image
  • For the signer to deny their Aadhaar eSign, they would need to prove that someone else had their Aadhaar number and their mobile phone which they used to carry out the e-authentication process. This is extremely unlikely.
eSign type \ Goal
Aadhaar eSign
Authentication
Image
  • The underlying technology (secure key pair encryption/decryption) helps to clearly establish the signer’s identity, details of which are contained in the electronic signature certificate that is digitally signed by the Certifying Authority, a neutral entity
Integrity
Image
  • The underlying technology (asymmetric crypto system + hash matching process) ensures that anyone opening the document on a PDF reader is alerted if the document has been altered after the signatures were affixed.
Non-repudiation
Image
  • For the signer to deny their Aadhaar eSign, they would need to prove that someone else had their Aadhaar number and their mobile phone which they used to carry out the e-authentication process. This is extremely unlikely.

Apart from the technological safeguards, Aadhaar eSign is made even easier to enforce by legal presumptions laid down in the Indian Evidence Act:

  • Section 67A - if a signer uses Aadhaar eSign to execute a document then it will be presumed that such eSign belonged to the signer herself and not to any other person. The signer cannot later on refute her eSign on the document.
  • Section 85A - an agreement which has been executed using Aadhaar eSign will be presumed to have been concluded between the parties and attained finality. This lends certainty as to the finality of the terms and conditions agreed between parties to the agreement.
  • Section 85B(1) - it is legally presumed that the document has not been altered once it has been signed using Aadhaar eSign
  • Section 85B(2) -  if the signer signs a document using Aadhaar eSign, it is presumed that the signer signed it with the intention of signing or approving the document
  • Section 85C - it is presumed that the details mentioned in the Electronic Signature Certificate, such as name of the signer, email ID and time of signing is true. This helps in establishing the identity of the person who signed the document. 

Want to try out eSigning for your own documents?