Financial Daily from THE HINDU group of publications
Monday, Jul 26, 2004
E-Commerce & E-Business
e-signatures yet to gain favour
Chennai/Mumbai , July 25
THE law providing a safety net to citizens in the real world is old hat. What's new is that it can encourage law-abiding citizens to refuse such a net. A case in point is the digital signatures market.
Mr Robert Raja, Chairman of Odyssey Technologies, a seller of the digital signature technology, feels that potential buyers were more open to the technology before the IT Act of 2000. "Now, buyers are concerned about actual compliance with the rules."
They fear that not keeping with those norms could result in more headaches. As a result, they tend to postpone decisions on buying and implementing the technology. Now, Odyssey tries selling only the benefit of technology to the buyer.
"Once the customer realises the value of the technology and can ignore additional benefits conferred by legal compliance till he is ready for a formal anointment, it is easier to sell."
Digital signatures help users endorse the identity of the sender of an electronic document.
The public key infrastructure (PKI), in which digital signatures work, also helps establish that a document transmitted electronically has been received intact and has not been tampered with in transit.
The Deputy Controller of Certifying Authorities, Dr K.K. Bajaj, says that a total of 22,000 certificates or signatures have been issued, of which 15,000 have come from a single certifying authority, the IDRBT (Institute for Development and Research in Banking Technology).
The other three authorised certifying authorities (TCS, the Government's IT arm, NIC, and private player, SafeScrypt) have together issued the rest.
The figure of 22,000 compares with annual sales of 33 lakh PCs a year in India. Typically, most PC users also use the Internet and exchange documents electronically. Hence, they would be potential users of digital signatures.
So what is the issue with companies wanting the benefit of technology, but not the assurance of the law?
Mr Raja says, "Somewhere they have come to a wrong notion that this technology is out of bounds unless used with a certificate from a licensed certification authority."
He adds that most large institutions believe that asking their customers to get digital signatures from other established certifying authorities would prove prohibitive. "So they see themselves becoming licensed certifying authorities to certify their customers and thereafter use those certificates in transactions."
This is where the issue of "compliance" comes in. Compliance typically demands huge prescribed physical infrastructure, a hefty bank guarantee, periodic audit costs and the like.
Mr Raja says that the technology itself could be used without the involvement of licensed certifying authorities.
"The recognition accorded by the law (certainly) enhances the benefits of this technology and the absence of legal recognition would not automatically dilute the benefits."
Interestingly, the Evidence Act confers a higher status on digital signatures than physical signatures.
For instance, in the case of physical signatures, if a signer disputes a signature, the other party has the onus of proving that the signer did indeed sign it.
In the case of the digital signatures, the presumption is against the signer, and he has to prove that it is not his signature, says Mr Raja.
Few online deals
Dr Bajaj adds that another reason for digital signatures not taking off is that "e-commerce, particularly the business-to-consumer transactions" is still languishing.
"Transacting online is still a big psychological issue for consumers. Security concerns make consumers hesitate in even parting with their credit card numbers on Internet."
He feels that the usage would pick up once e-governance applications are launched in a big way.
When consumer interaction with the Government on various fronts becomes manageable using a single interface such as a smart card, digital signatures would gain further acceptance.
Mr Raja feels that cost is also an issue. Currently, it could cost up to Rs 44,000 to have a server-level certificate issued by a private player and up to Rs 5,000 for a personal certificate.
(The IDRBT's personal certificate comes at a price of Rs 40. The organisation has issued certificates predominantly to bank officials.)
Currently, digital signatures are being used in the country for filing of DGFT applications, in Internet banking, income-tax returns filing, for projects such as land records in Karnataka, in banks for financial messaging system and others.
Stories in this Section
The Hindu Group: Home | About Us | Copyright | Archives | Contacts | Subscription
Group Sites: The Hindu | Business Line | Sportstar | Frontline | The Hindu eBooks | The Hindu Images | Home |
Copyright © 2004, The
Hindu Business Line. Republication or redissemination of the contents of
this screen are expressly prohibited without the written consent of
The Hindu Business Line