Aadhar Card Signature

The Aadhaar Card digital signature or Aadhaar e-signature is a unique electronic signature based on an individual’s Aadhaar data. It is an encrypted signature that is designed to electronically sign digitised documents like letters, agreements, etc. It holds the same value as a handwritten signature. Digital signatures are different from electronic signatures. While electronic signatures usually imply entering the name in the electronic document, digital signatures are cryptographically included in the digital document.

Aadhaar eSign is a secure digital signing method that lets users authenticate official documents using their Aadhaar number and a registered mobile number or email. It enables individuals to sign contracts, applications, and government forms online through a simple OTP or biometric verification on the UIDAI platform. Once completed, the digital signature confirms the user’s identity and validates the authenticity of the Aadhaar-linked information.

Verifying an Aadhaar-based signature is essential for many formal processes—such as opening bank accounts, applying for employment, or accessing government services. It adds a strong layer of security, ensures legal validity, and significantly reduces the risk of document fraud

Let’s take a look at the benefits of Aadhaar e-Signature.

• Convenience

e-Signature feature has made the registration process hassle-free, quick and real time for customers by eliminating the necessity to be physically present to register Aadhaar card signature, it also prevents human errors and delays that are an unavoidable part of the manual process. Aadhaar card e-signature has also done away with hardware tokens that is a necessary part of the process.

• Flexibility

Aadhaar e-Signature registration can be done through more than one ways, determined by the device being used by the service provider. One is the biometric verification that involves iris scanning and fingerprint verification. The second way is through mobile device via One Time Password (OTP). Here, the Aadhaar cardholder receives an OTP on his/her registered contact number as a part of the verification process.

• Privacy

Only certain specific information is involved in the process, so that all information is not accessible to service providers. Maintaining the privacy of information of the signatory is the responsibility of service providers.

The process of Aadhaar e-Signature involves four main entities: the Signer (user), the Application Service Provider (ASP), the eSign Service Provider (ESP), and the Certifying Authority (CA), which is regulated by the Controller of Certifying Authorities (CCA).

1. Initiation and Consent

The signer receives a document from an Application Service Provider (ASP) (e.g., a bank or government portal) and provides consent to sign it electronically using Aadhaar eSign.

2. Authentication

The signer is redirected to a secure page hosted by an eSign Service Provider (ESP), where they enter their 12-digit Aadhaar number or Virtual ID (VID). The ESP sends this information to the Unique Identification Authority of India (UIDAI) for identity verification.

3. Verification (OTP/Biometric)

UIDAI verifies the user's identity through a One-Time Password (OTP) sent to their Aadhaar-registered mobile number or email address. Alternatively, biometric authentication (fingerprint or iris scan) can be used.

4. Digital Signature Generation

Upon successful verification, the ESP generates a temporary, secure key pair (public and private keys) for the user. The private key is used to digitally sign the document's unique "hash" (a digital fingerprint of the document content), ensuring data integrity. The private key is destroyed immediately after a one-time use to prevent misuse.

5. Document Affixture and Delivery

An Electronic Signature Certificate (ESC) is issued by a licensed Certifying Authority (CA) and, along with the encrypted hash, is affixed to the document by the ASP. The signed, tamper-proof document is then sent to all relevant parties (usually via email/SMS) along with an audit trail of the signing process.

The validity of an Aadhaar e-signature as a functional and legal method of signing is permanent for the signed document itself, but uses a short-lived signing certificate for enhanced security.

• For the Act of Signing

The digital signature certificate generated during the eSign process has a technical validity of only 30 minutes. The associated private key is destroyed immediately after this period to prevent misuse.

• For the Signed Document

The signed document remains permanently tamper-proof and verifiable long after the certificate expires. Any recipient can validate the signature's authenticity using a PDF reader (like Adobe Acrobat) which checks the certificate chain and confirms that the document has not been altered since it was signed.

Before you validate your Aadhaar e-Signature via your mobile phone, you need to download the mAadhaar app first by following these simple steps:

• Visit Google Play app to download the mAadhaar app. This app works only on Android 5+ version and above.

• Install the app on your mobile phone

• Next, you will receive an OTP on the mobile number that you have registered with Aadhaar.

• Enter the OTP to download the mAadhaar card

Next, follow these steps for validating Aadhaar e-Signature through your mobile phone:

• Create your profile

• Enter your Aadhaar Card number and then scan the QR-Code

• Once the QR code has been successfully scanned, your demographic information will appear on your mobile screen

Below are the steps for validating the e-Aadhaar PDF Digital Signature via Adobe Reader:

• Download eAadhaar from UIDAI Resident Portal with Adobe Reader

• Select the ‘Validity Unknown’ option and then on ‘Validate Signature’

• When the signature validation status window appears on your screen, click on ‘Signature Properties’

• Next, select the ‘Show Certificate’ option

• Verify certification path named ‘NIC sub-CA for NIC 2011, National Informatics Centre’

• This can be identified as ‘NIC sub-CA for NIC 2011, National Informatics Centre’ as the owner of the digital certificate that was used at the time of signing the document

• Mark the certification path titled ‘NIC sub-CA for NIC 2011, National Informatics Centre’, select the ‘Trust’ option and then click on ‘Add to Trusted Identities’. Subsequently, select the ‘OK’ button to answer all the security questions that follow

• Click on the ‘Use this certificate as a trusted root’ option and then select the ‘OK’ option twice to close both windows

• Select the ‘Validate Signature’ option to complete the process

Aadhaar e-Sign can be used to digitally sign a wide range of official and personal documents like:

• Loan applications and financial agreements

• Income tax forms and investment documents

• Employment forms and onboarding documents

• Government service applications

• Insurance proposals and claim forms

• Rental agreements and service contracts

• Educational and admission documents

• GST, business, and compliance filings