Secure Virtual Sign -FAQ

Leegality’s Secure Virtual Signature is a non-Aadhaar electronic authentication mechanism which reflects the user’s acceptance of an electronic document. This acceptance happens through a 2 Step Authentication Process that requires the signer to:

1)    Authenticate OTP sent to their registered phone or email

2)    Affix a representation of their signature on a virtual pad

‍

‍

Virtual Signs can either be – drawn on the virtual pad or pre-selected from auto-generated options

How a Secure Virtual Sign looks on your electronic document

‍

Yes, you can execute all contracts through Secure Virtual Sign.

There are only two exceptions to this rule:

1)    Documents that are explicitly required by law to be authenticated by a signature. By virtue of Section 5 of the IT Act, 2000 the Secure Virtual Signature cannot be used for such documents.

2)     Documents that have been listed under Schedule I of the IT Act

For a complete list of such documents, please see our response to “What documents can be signed through Secure Virtual Sign?”

Section 10A of the IT Act provides wide latitude for any mode of electronic authentication for creation of binding contracts in India. This section is a clarification that bridges the gap between the IT Act and the Contract Act. Under the Contract Act - a contract can be executed by any means possible. A signature is not mandatory or required for a contract – only proof of valid acceptance is.

‍

The enforceability of a particular signature mode is determined by how well a signature type ensures:

a)    Identity of the signer

b)    Non-repudiation i.e makes it hard for signers to deny their signature

c)    Integrity of the content

Leegality’s Secure Virtual Sign meets the criteria.

Identity and Non-Repudiation

By default, the Virtual Sign comes with a double layer of authentication:

1) OTP Authentication on registered phone number

2) Act of selecting or virtually signing.

In addition, Leegality provides additional layers of security that you can add onto this:

1) Geo-location capture

2) Face Capture with Liveliness Check

3) Multi-factor authentication for document access

These layers of authentication are comprehensively captured in a digitally signed Leegality audit trail

For a signatory to successfully repudiate Secure Virtual Sign in Court they will need to do ALL of the following:

1)    Prove why the OTP authentication on their phone number was not done by them

2)    Prove why they didn’t perform the act of selecting or inscribing virtual sign

3)    Prove that the geo-location does not reflect their location (if switched on)

4)    Prove that they were not present to sign even though there is a capture of their live face (if switched on)

5)    Prove that the multi-factor authentication performed by them was not done by them

Therefore, it is virtually impossible for a signer to disprove Secure Virtual Sign in Court. In fact, the security layers of Secure Virtual Sign – make it much more secure and harder to repudiate than wet-ink signatures

Integrity of Document

All Secure Virtual Signed documents are secured by a Leegality digital signature on the entire document. This acts as a security procedure under the IT Act to ensure that the document cannot be altered or modified without alerting the parties – and qualifies as a Secure Electronic Record under the Evidence Act.

‍

As soon as your document gets signed by all the required parties, Leegality will issue what is known as the ‘audit trail’ for that document to you and all your signatories.

Ingredients of an audit trail

The audit trail is a digitally signed document containing:

a)    The logs relating to the signing transactions on the document

b)    Timestamps for all events in the signing journey – from the time a signing invitation is opened by the first signer till the last signer completes his signature

c)     Public IP of the signers

d)    Stamp paper details

e)    Location of the signers while performing the signature

f)     Signature Certificate Details of the signatories

g)    Geo-location and Face Capture of the signers (if switched on)

Security features of the Leegality Audit Trail

Leegality audit trails are digitally signed Leegality the moment they are generated.

This ensures:

a)    The audit trail cannot be altered or modified without alerting the parties

b)    The audit trail qualifies as a “secure electronic record” under the Indian Evidence Act, 1872 – making it easy to produce as evidence in any court of law.

‍

Electronic authentication by way of Secure Virtual Signature is sufficient to enter into most contracts or approve the contents of most documents as per Section 10A of the Information Technology Act, 2000. Routine documents such as business agreements, employee contracts, approval letters, onboarding forms, non-disclosure agreements, and HR documents can be validly executed using Secure Virtual Sign.

However, if a document is explicitly required by law to be authenticated by a signature, then by virtue of Section 5 of the IT Act, the Secure Virtual Signature cannot be used.

Additionally, some documents have been expressly excluded from the application of the IT Act and therefore cannot be electronically authenticated/signed. These are:

1.     A negotiable instrument (other than a cheque, DPN or Bill of Exchange issued in favour of or endorsed by an entity regulated by the RBI, NHB, SEBI, IRDAI and PFRDA ) as defined in Section 13 of the Negotiable Instrument Act,1881.

2.     A power-of-attorney as defined in Section 1A of the Powers-of-Attorney Act, 1882 but excluding those PoAs that empower an entity regulated by the RBI, NHB, SEBI, IRDAI or PFRDA, to act for, or on behalf of, and in the name of the person executing them)

3.     A trust as defined in Section 3 of the Indian Trust Act, 1882.

4.     A will as defined in clause (h) of section 2 of the Indian Succession Act,1925 (39 of 1925), including any other testamentary disposition by whatever name called.

‍

Why Secure Virtual Sign is better than clickwrap:

Click-wraps don’t offer trusted third party audit-trail and OTP verification to support the authentication process – making it impossible to ascertain the identity of the party accepting the terms and conditions. These create legal and business risks as it can be very difficult to prove such agreements in front of adjudicatory authorities and may also not stand up to scrutiny in case of regulatory audits.

Secure Virtual Sign as an alternative to Aadhaar eSign:

Secure Virtual Sign is useful as an alternative to Aadhaar eSign in cases where:

A)    The signer doesn’t have their Aadhaar linked to their phone

B)    You want a cheaper alternative to Aadhaar eSign

‍

In case of physical signatures, the authorised signatory of the organisation uses their own signature to sign a document. The same applies for Secure Virtual Sign, where the authorised signatory can sign the document on behalf of the organisation using their own Virtual Signature.

However, chasing your authorised signatories around for every document can be a time-consuming and inefficient process. That’s why Leegality provides a way for Authorised Signatories in your organisation to:

A)    Store their Secure Virtual Signs on Leegality

B)    Provide standing orders in Leegality for automatic affixture of their signature upon certain conditions being met

As a bonus – Leegality also provides a way to attach “digital” authorised signatory seals along with the signature.

‍