Guidelines for Digital Signature (PKI)

Prerequisite:

1) e-Token with Digital Signature Certificate (Class 2 or Class 3) stored in it.

2) System should be updated with latest version of Java (JRE 1.6 and above )

I. Enrollemnt Guidelines

Step 1: Customer needs to enroll for PKI after login to Internet Banking

Login to Net Banking and select Digital signature Enrollment option under Services. ENSURE TOKEN IS PLUGGED IN. Before opting for Digital Signature enrollment ensure JRE 1.6 and above JAVA file is downloaded. If not found, user will be guided to download java to proceed. Click Run to proceed further.

System detects the Token Plugged in the System and prompts to Enter Token password.

Select applicable Digital Certificate and click on SIGN.

System displays the certificate Number, validity from & to date, class and issuer details. Click Submit to proceed.

Digital Signature Enrollment Confirmation screen will be shown after successful enrollment. Customer needs to approach the branch and get it approved:

II. Login through Digital Signature Certificate

Customer to enter his User ID and Password and click on Sign IN

System will check if the Customer is enrolled for PKI. If not enrolled, customer will be able to see the Login Page. If enrolled for PKI already, System will validate the same. Customer to enter the Token Password and select the Registered Certificate and click on Sign IN.

II. De-Enrollment from Digital Signature Certificate

Login to Net Banking and select Digital signature De-Enrollment option under Services. It will show the Certificate Details. Customer to click on De-enrolled button.

Customer will be de-enrolled from PKI. Success message would be displayed on the Page. Please note that Admin authorization is not required for De-enrollment purpose.

III. Transaction validation using Digital Signature

Restriction:

Following are the type of transactions for which Digital Signature Validation will happen if the customer is enrolled for the same:

Bulk File Upload (Digital Signature would be validated irrespective of the amount involved in the transaction)

On screen transaction above Rs. 2,00,000/- (Both Retail & Corporate)

Once the Customer initiate the payment, System will check if the User is enrolled for PKI. If enrolled and the transaction amount is above 2,00,000 in case of NEFT/ RTGS/ Within Canara Bank transaction or it’s a Bulk Upload Transaction, System will prompt for PKI Validation. Customer to Enter the Token Password

Select the Certificate

Once PKI validated, Customer to enter Transaction Password/ OTP to complete the Transaction

Process for applying to PKI (e-Token /Digital Signature Certificate

The Office of Controller of Certifying Authorities (CCA), issues Certificate only to Certifying Authorities.CA issues Digital Signature Certificate to end-users. User can approach any one of the six CAs for getting Digital Signature Certificate. The website addresses are given below.

Sl. No. Certificate Authority Website1 e-MudhraCA www.e-Mudhra.com2 GNFC www.ncodesolutions.com3 IDRBT www.idrbtca.org.in4 NIC www.nic.in5 Safescrypt www.safescrypt.com 6 TCS www.tcs-ca.tcs.co.in

General Steps involved in applying for PKI

Customer has to visit the web page of any Certifying Authority and download the Application form

Category will be there in the link with Individual / Organization / Bank / Government / DGFT. Customer can select Individual or Organization based on the category.

Customer to apply for Class 2 or Class 3 Certificate. Please note that if the customer does not have e-Token, he may request for the same along with the required Certificate.

A Digital Signature Certificate (DSC) is a secure digital key that certifies the identity of the holder, issued by a Certifying Authority (CA). It typically contains your identity (name, email, country, APNIC account name and your public key). Digital Certificates use Public Key Infrastructure meaning data that has been digitally signed or encrypted by a private key can only be decrypted by its corresponding public key. A digital certificate is an electronic "credit card" that establishes your credentials when doing business or other transactions on the Web.

Class 2 Certificate: These certificates will be issued to both business personnel and private individuals. These certificates will confirm that the information in the application provided by the subscriber does not conflict with the information in well-recognized consumer databases. 

Applicability: This level is relevant to environments where risks and consequences of data compromise are moderate. This may include transactions having substantial monetary value or risk of fraud, or involving access to private information where the likelihood of malicious access is substantial.

Class 3 Certificate: This certificate will be issued to individuals as well as organizations. These are high assurance certificates and primarily intended for e-commerce applications. To obtain these certificates the individuals should appear in personal (physical) before the Certifying Authorities.

 

Applicability: This level is relevant to environments where threats to data are high or the consequences of the failure of security services are high. This may include very high value transactions or high levels of fraud risk.

Fills up the application form by providing necessary details, make an online payment on the website and submit the application form

Customer to take a print of DSC application form, duly sign the same, enclose Xerox copies of id proofs mentioned in the application form, address proof as mentioned in the application form and has to courier the above to respected CA’s address as mentioned in the application form.

CA will scrutinizes the DSC application request and based on scrutiny approves or rejects the application.

If approved an SMS intimation to Customer is sent for downloading of DSC. Customer can download the digital signature certificate.

In case customer loses the token or already in possession of certificate then they can buy token using the link - Buy Token available in the website