India10 steps~10 days

How to Get Digital Signature Certificate in India

A Digital Signature Certificate (DSC), specifically Class 3, is the non-negotiable digital identity required for virtually all corporate filings in India, from incorporating a company to signing GST returns and participating in e-tenders. In 2026, this certificate remains the foundational key that allows your business to engage with critical governmental and corporate portals electronically without interruption, and MCA's V3 portal continues to insist on Class 3 for all authorised signatories. It legally validates every document you submit online, ensuring that your company's transactions are recognized as authentic and reliable by regulatory bodies like the Ministry of Corporate Affairs (MCA), Customs (ICEGATE), and DGFT. Directors, partners, and authorised signatories each need their own DSC, and most CAs offer a combined sign-and-encrypt Class 3 certificate, though you should confirm which variant (sign-only, encrypt-only, or combo) you actually need before applying. Getting the application right the first time — matching names, addresses, and photographs exactly to PAN and Aadhaar records — is what determines whether you receive your token in two days or two weeks.

Typical timeline
~10 days
Indicative cost
INR ₹2,500–₹4,500 (Govt/CA issuance fees) + professional service charges — confirm the current fee schedule with your Certifying Authority, as pricing varies by validity period and token requirements
Jurisdiction
India
Steps
10

Before you start

  • Valid PAN Card for every director, partner, or authorised signatory who needs a DSC
  • Passport-sized photograph in JPEG format with a plain white background, taken within the last six months
  • Proof of address such as Aadhaar, a recent utility bill, or a bank statement not older than two to three months
  • A working mobile number linked to Aadhaar for OTP-based e-KYC or video verification
  • A valid email ID that you check regularly, as the CA sends all application status updates there
  • Company or LLP incorporation documents if the DSC is being applied for as an organisational representative
  • A USB token compatible with your CA's software (some CAs bundle a new token, others let you reuse an existing valid one)
  • Board resolution or authorisation letter if applying on behalf of a company rather than as an individual

Step-by-step

  1. Select a Certifying Authority (CA)

    Choose an empanelled CA from the list published by the Controller of Certifying Authorities (CCA) — common names include eMudhra, Protean eGov Technologies (formerly NSDL e-Governance), and Capricorn CA. You can select a provider that issues DSCs suitable for both MCA and DGFT use to save time, or choose separate providers if you prefer to split costs across signatories.

    • Check whether the CA supports Aadhaar-based paperless e-KYC in your city, as this can cut the timeline significantly
    • Compare token compatibility with your existing filing software before committing to a provider
  2. Submit Application via Portal

    Fill out the application form on your chosen CA's website or through an authorised reseller. Upload scanned copies of your PAN card, address proof, and photograph. Ensure every detail — spelling of name, date of birth, address — matches exactly with your PAN and Aadhaar records, since even minor mismatches are the single biggest cause of rejection or delay.

  3. Complete Identity Verification

    Most CAs now offer two verification routes: an in-person biometric appointment at a local branch, or a remote video-based identity verification (VIV) using Aadhaar OTP and a live selfie. Video verification is faster and increasingly the default for individual applicants, while biometric fingerprint capture is still used for certain organisational or high-value certificates.

    • For video verification, keep your Aadhaar card and PAN card ready on camera along with a stable internet connection
    • For biometric appointments, carry originals of all documents you uploaded, not just photocopies
  4. Pay Government and Service Fees

    Make payment via net banking, UPI, or card as directed by the CA's payment gateway. The CA typically generates an invoice or challan covering the certificate issuance fee, token cost (if a new one is needed), and any reseller service charge. Fees vary by validity period (one, two, or three years) and by whether you already own a compatible token, so confirm the exact breakup before paying — do not rely on generic published price lists, as CAs revise them periodically.

  5. Wait for CA Approval and Certificate Generation

    Once your identity verification is accepted, the CA's back-office team cross-checks your documents against government databases before generating the digital certificate. This internal approval step is where most of the 24–72 hour turnaround time is spent, and it can stretch longer if your name or address doesn't precisely match official records.

  6. Receive DSC on USB Token

    After approval, the CA either couriers a physical USB token pre-loaded with your private key, or — if you already hold a valid token — pushes the new certificate onto your existing device remotely. Track the courier if one is dispatched, since tokens sent to the wrong address are a common cause of week-long delays.

  7. Install Software and Drivers

    Download the specific driver and signing utility provided by your CA (for example, eMudhra's DSC Tool or Protean's SignTool, formerly branded as NSDL's SignTool). Install it on every computer that will be used for filing, then plug in the token and import the certificate to activate signing capability.

    • Windows Defender or antivirus software sometimes flags token drivers as unrecognised — allow the installer if you sourced it from the CA's official site
    • Keep the token's PIN safe; most tokens lock after a small number of incorrect PIN attempts and require CA support to unlock
  8. Register the DSC on Relevant Portals

    A working certificate on your token doesn't automatically mean every government portal recognises it. Log in to MCA V3, the GST portal, ICEGATE, or DGFT as applicable and register or update the DSC linked to your user profile — this is a separate step from installation and is frequently overlooked.

  9. Verify Installation and Test Sign

    Open a test PDF or a low-stakes government form using your CA's signing tool. With the token inserted and PIN entered, attempt to sign; a successful attempt generates a visible digital signature block confirming the certificate is active. Do this well before an actual filing deadline, not on the day the filing is due.

  10. Set a Renewal Reminder

    DSCs are typically issued for one, two, or three years depending on what you purchased, not automatically for one fiscal year. Note the expiry date printed on your certificate details and set a calendar reminder at least three to four weeks before expiry, since renewal requires the same identity verification process as a fresh application.

Common mistakes to avoid

  • Uploading low-resolution photos or documents with a name spelling that doesn't exactly match PAN records, which causes instant rejection
  • Assuming a token from an old DSC will automatically work with a new certificate without checking compatibility with the current CA's software
  • Skipping the portal-side DSC registration step on MCA, GST, or ICEGATE after installing the certificate locally
  • Not confirming whether the DSC is issued for signing only, encryption only, or both, when the intended use is dual (e.g., GST and e-tendering)
  • Waiting until the filing deadline to test the DSC, leaving no buffer if the token, driver, or PIN has an issue
  • Losing or forgetting the token PIN and having no record of the CA's support contact for unlocking or reissuing it
  • Applying with an address proof that is more than a few months old, which some CAs flag during verification
  • Not budgeting for renewal, then discovering the certificate has silently expired mid-filing-season

Frequently asked questions

How long does it take to receive a Class 3 DSC?

Turnaround is usually between 24 hours and 5–7 working days, depending on whether you use remote video verification (faster) or in-person biometric appointment and courier delivery (slower), and on how quickly your documents pass the CA's internal cross-checks.

Can I get a DSC without visiting a branch?

In many cases, yes. Most empanelled CAs now offer Aadhaar OTP-based e-KYC combined with video identity verification, which lets individual applicants complete the process remotely. Some organisational or high-assurance certificates may still require in-person biometric verification depending on the CA's policy — confirm this with your chosen provider before starting.

Is the cost of a DSC recurring, and how often do I need to renew?

DSCs are issued for a fixed validity period — commonly one, two, or three years, chosen at the time of purchase — not automatically renewed annually. You must go through essentially the same application and verification process again before or after expiry, and government/CA fees apply again at renewal.

What happens if my biometric or video verification fails?

The CA will typically offer to reschedule the appointment or verification attempt. If a physical condition affects fingerprint capture, some CAs can substitute additional documentary verification or a different biometric point — ask your CA's support team directly, as policies differ by provider.

Do all directors of a company need their own individual DSC?

Yes. A DSC is issued to an individual, not to a company, so every director, partner, or authorised signatory who needs to sign filings digitally must obtain their own certificate in their personal name.

Can one DSC be used for both MCA filings and GST returns?

Generally yes — a Class 3 DSC covering signing (and often encryption) can be registered across multiple government portals including MCA, the GST portal, and ICEGATE, provided you complete the separate portal-side registration step on each platform after issuance.

What is the difference between a DSC and an e-Sign (Aadhaar-based signature)?

A DSC is a certificate-based digital identity stored on a token or in the cloud, valid for a fixed period and usable across many filing systems. Aadhaar e-Sign is a one-time, OTP-based signing method tied to a specific transaction and not stored as a reusable certificate — the two serve different use cases and aren't interchangeable for all filings.

Can I use a DSC token on multiple computers?

Yes, provided you install the CA's driver and signing software on each computer and physically carry the USB token between them, since the private key resides on the token itself, not on any single machine.

What should I do if my USB token is lost or damaged?

Report it to your CA immediately so they can revoke the associated certificate and prevent misuse. You will then need to apply for a fresh DSC on a new token, going through identity verification again — a lost token cannot simply be replaced with the same certificate.

Do foreign directors of an Indian company need a different process for DSC?

Foreign nationals can obtain a Class 3 DSC but typically follow a slightly different documentation path, often involving notarised or apostilled identity and address proof in place of PAN/Aadhaar-based e-KYC. Requirements vary by CA and by the applicant's country of residence — confirm the exact document list with your CA or with PNPC Global before applying.

Does PNPC Global handle the DSC application on our behalf?

PNPC Global can coordinate the end-to-end DSC application with an empanelled Certifying Authority as part of company incorporation, GST registration, or annual compliance engagements — collecting documents, tracking verification status, and confirming portal-side registration so your filings aren't held up.

Prefer we handle Digital Signature Certificate (DSC) – including DGFT DSC?

Our team in India & UAE completes every step above for clients daily — accurately and on time.

See the service →← All guides