Insurance Brokers are governed by IRDA (Insurance Brokers) Regulations, 2002. As of now, new applicants for grant of and licensed brokers to renew their license are required to apply in Form A as given in the schedule-I of these regulations. Also the Insurance brokers are also required to file their annual returns on line, in 15 different formats prescribed as per circular No.009/IRDA/BRO/MAY 06 dated 26th May 2006.
The authority is in the process of establishing a system to automate and integrate the functions across all the departments in order to implement Business Analytics Project.
As part of business analytics project, brokers department have modified few existing forms prescribed in the schedule-I and some of the forms prescribed through the above circular to capture more granular information and for better supervision. Also some new forms are introduced to capture other granular information which is needed for better analysis & supervision. The unchanged forms are captured in excel sheet and are part of TOBE forms. A Detailed communication on changes in forms/new forms will be issued separately in due course.
Since these prescribed forms are to be submitted on periodical basis, online and to ensure safety & security of the data submitted it becomes necessary for the authorized signatories to use their digital signatures in all the places wherever necessary.
Hence all the brokers (authorized persons) are directed to obtain digital signatures from the authorized vendors (list enclosed) by 30th November, 2012.
A brief note about sourcing, usage about digital signatures is attached with this circular.
Member (Non-Life)
Brief Note on Digital Signature and its usage
A digital signature is an electronic method of signing an electronic document. The Information Technology Act, 2000 provides for use of Digital Signatures on the documents submitted in electronic form in order to ensure the security and authenticity of the documents filed electronically. This is the only secure and authentic way that a document can be submitted electronically.
Digital Signature uses the Public Key Infrastructure (PKI technology, which is a sophisticated, mathematically proven method of encrypting and decrypting information). Information can be decrypted only when both a private key and a public key match each other.
The certificate contains information about a user’s identity (for example, their name, email address, the date the certificate was issued and the name of the Certifying Authority that issued it.).
In the Business Analytics Project (BAP) application process the Digital Signatures can be used to ensure
- User Authentication (Ensuring the identity of the signer)
- Data Integrity (If the data is tampered, Signature validity is lost)
- Non-Repudiation (In case of Dispute, Signed Data can be used in court of Law)
Obtaining Digital Signature Certificate
Digital Signatures can be obtained from a Certifying Agency. The user is free to buy signature from any of the Digital Signature Providers recognized by the Ministry of Corporate Affairs. Recognized vendors (Source: Ministry of Corporate Affairs http://www.mca.gov.in/MCA21/certifying-new.html)
- Tata Consultancy Services Ltd. (TCS)
- National Informatics Centre (NIC)
- Institute for Development & Research in Banking Technology (IDRBT)
- MTNL
- (n)Code Solutions Ltd., (A division of Gujarat Narmada Valley Fertilizers Company Ltd.)
- Safe Scrypt from Sify Communications (Satyam)
- E Mudhra (3i Infotech)
Further details about CA and Cost of signatures are published on the MCA website.
Class of Digital Signatures:
Different Types of Digital Signature which are acceptable for usage in BAP
Class 2:
- Here, the identity of a person is verified against a trusted, pre-verified database.
- Primarily used in MCA21 (Ministry of Corporate Affairs e-governance project), ROC, Income Tax e-filing, sign a word or excel file, sign e-mail sent through Outlook
Class 3:
- This is the highest level where the person needs to present himself or herself in front of a Registration Authority (RA) and prove his/ her identity.
- Primarily used for e-tendering or e-procurement or e-bidding
Validity of Digital Signatures:
The DSCs are typically issued with one year validity and two year validity. These are renewable on expiry of the period of initial issue
Technical Pre requisites: All the end users (Brokers) should ensure that they upload various prescribed forms using the computers/lap tops with the following technical specifications.
Browser Client
- Internet browser. IE v6.0+, Mozilla fire fox v2.0+, Google chrome, Netscape Navigator, Apple Safari
- JAVA JRE 1.6
Using Digital Signature
One needs to take the following steps in order to use the DS in the BAP application.
- Procuring the signature in case you don’t have one
- Import the certificate into Browser store / using the certificate from the USB token directly
- Registration of the DS in the User Profile
- Using the signatures in the actual Transaction
Once the signature has been procured the Digital Signature, it should be available for Signing with the user.
There are two options for using the DS:
Option 1
The vendor emails the user the Digital signature files (e.g. .pfx file). This file can be stored on the desktop.
Option 2
The Digital signature need not be imported in the browser store and during the actual usage it can be picked from the source. (USB token will be provided by the DS vendor or folder where user has stored the signature). In this option user will be prompted with Password for DSC for every use.
While on the Application (User registration or the Application form for attaching Digital signature) the user can select DSC from the USB Token / local desktop folder.
Registration of DS with the user Profile
Before the User can use his Digital signature certificate for Authentication on the form, he needs to register his DSC on the User Profile Page. This establishes the relationship between User ID (BAP Login User ID) and the Digital Signature Certificate provided by the user. The process also checks for validity of the signature from the providers. In case of any error the user is shown the message accordingly. When user presses the button Register Digital Signature then a Web signer Applet window is prompted to the user. If permission is asked by the browser for installing a component, user should accept the same.