Frequently Asked Questions (FAQs)

1. What is Electronic Signature Certificate (ESC)

Ans : Digital signatures are electronically generated and can be used to ensure the integrity and authenticity of some data and protect against non-repudiation. It is a form of an electronic credential on the Internet. After the enactment of Information Technology Act 2000 in India, Electronic Signatures are legally valid in India. It is commonly abbreviated as ESC/DSC.

2. What are different classes of ESC/DSC?

Ans : There are three classes of ESC/DSCs, a Certifying Authority can issue. These are :

Class 1 : It is generally used for basic level of assurance. However this is the least popular in India.

Class 3 : This certificate will be issued to individuals as well as organizations where threat to data are high. These certificates are majorly used for eTendering and IRCTC eTicketing, Individuals and organisation tax filings, etc.

Special Purpose Certificate : Secure Socket Layer (SSL) and Document Signer Certificate are special purpose certificates used for Website (HTTPS) and bulk signing at the server respectively.

[ There is separate DSC issued for Signing and Encryption in case of Class 2 & Class 3 Individual/Organizations DSC ] 


3. What is the validity of DSC available

Ans : A DSC can be issued upto three year validity. The difference is in the commercials. 2 yr DSC is marginally higher than 1 yr DSC so is 3 year DSC costlier than 2 year validity DSC.


4. What is the difference between Only Sign and Sign + Encrypt Certificate ?

Ans : Class 3 is issued in two categories - Only Sign DSC and Sign + Encryption DSC.

With Only Sign Certificate, one can Sign the data to ensure the Data integrity and non-repudiation. Such types of certificates are majorly used for Income Tax eFiling, MCA-21, DGFT, GSTN, eTicketing, Sign Invoices, Sign Purchase Orders, etc. 

With Sign + Encrypt, apart from Signing, one can also Encrypt the data to protect it from the unauthorized access of data. These are majorly used for eTendering services.

5. Who decides what Class and Type of DSC I require ?

Ans : It is decided by the Application owner (like Govt. website, eTendering portal, MCA-21 website, Income tax portal, GSTN, etc) i.e Application, where you intend to use the DSC. For example, if you plan to use the DSC at MCA-21 Website, MCA-21 decides what class and type of certificate you have to procure from a Certifying Authority, in India.


6. What is OID?

Ans: OID stand for Object Identifier, OID is used to differentiate one class of certificates from another as per CCA IVG Guidelines and also indicate which CA has used what OID in the DSC and helps software applications to easily validate DSC programatically.


7. What is CPS?

Ans : CPS stand for Certification Practice Statement. It is basically a detailed statement of the DSC issuance practices and operational procedures to issue a DSC to the subscriber. Every Certifying Authority will have different CPS, which is generalized by CCA.


8. What is Subscriber Agreement?

Ans : A Subscriber Agreement is an agreement between Subscriber and CA stating that, subscriber is solely responsible for the protection of the Private key in Crypto Token and ensuring functionality of his/her key pair. Subscriber also agrees that all the information provided to CA is correct. CA will not be responsible for any legal disputes arising due to misrepresentation on the part of subscriber.


9. What is Revocation and how can I Revoke my DSC?

Ans : A DSC can be revoked under circumstances like : 

Users suspect compromise of certificate private key.

Change of personal data.

Change of relationship with the organization. To revoke your DSC, download the revocation form available at our website

Raise the revocation request by sending mail to CA from the registered email ID while buying DSC. CA can ask for more information in case of any doubt before DSC gets Revoked.

The subscriber can submit filled & signed revocation form along with id proof to nearest office or RA.


10. What is a USB Token? 

Ans: The X.509 Certificate Policy for India PKI mandates that the private key of the DSC of the subscriber should be stored only in a Cryptographic token ( which resembles a pen drive). There are four major makes of USB Token available - ePass, mToken, Watchdata. USB Token is must to obtain a DSC. Pls refer to for CCA Crypto guidelines.


11. IT ACT and Amendment (for reference

IT ACT 2000 :

IT (Amendment) Act 2008 :

Other details can be accessed at website managed by CCA office. 

12. Grievance redressal or Feedback Sharing 

Ans : At FDSS we truly believe in providing best in class services to our customers. We aim to understand both our strengths and shortcomings from our customer's point of view and work across to meet their needs. If you are not satisfied with the service received or you have a feedback to share w.r.t to the services availed, you can draw our attention either by calling us or by writing to us at

13. Aadhaar Paperless Offline e-KYC

1. What is Aadhaar Paperless Offline e-KYC?

It is a secure sharable document which can be used by any Aadhaar number holder for offline verification of Identification of Aadhaar holder in digital form

A resident desirous of using this facility shall generate his/her digitally signed Aadhaar details by accessing UIDAI resident portal. The details will contain Name, Address, Photo, Gender, DOB, hash of registered Mobile Number, hash of registered Email Address and reference id which contains last 4 digits of Aadhaar Number followed by time stamp in a digitally signed XML. It will provide Offline Aadhaar Verification facility to service providers/Offline Verification Seeking Entity (OVSE) without the need to collect or store Aadhaar number.

2. How to generate Offline Aadhaar? 

The process of generating Aadhaar Offline e-KYC is explained below:

Go to URL

Enter ‘Aadhaar Number’ or ‘VID’ and mentioned ‘Security Code’ in screen, then click on ‘Send OTP’ or ‘Enter TOTP’. The OTP will be sent to the registered Mobile Number for the given Aadhaar number or VID. TOTP will be available on m-Aadhaar mobile Application of UIDAI. Enter the OTP received/TOTP. Enter a Share Code which be the password for the ZIP file and click on ‘Download’ button.

The Zip file containing the digitally signed XML will be downloaded to device wherein the above mentioned steps have been performed. [ Ensure to download such file in your own mobile/computer device for safety ]

3. Who are the users of this Aadhaar Paperless Offline e-KYC? 

Any Aadhaar number holder who desires to establish his/her identity to any service provider (OVSE) using digitally signed XML downloaded from UIDAI website can be a user of this service. The service provider should have provisions of providing this Aadhaar Paperless Offline e-KYC at their facility and do the offline verification

4. How to share this Paperless Offline eKYC document with the service provider? 

Residents can share the XML ZIP file along [ and enter the Share Code in application ] to the service provider as per their mutual convenience ( sharing secure code with anyone is not desirable ).