Rated 4.9/5 by 312+ Chennai clientsZero penalty record across all filings24-hour response · WhatsApp-first supportOffices: Maduravoyal, Nerkundram & Nolambur (upcoming)15+ years of expert tax & compliance consulting500+ active clients across 243 Chennai areasRated 4.9/5 by 312+ Chennai clientsZero penalty record across all filings24-hour response · WhatsApp-first supportOffices: Maduravoyal, Nerkundram & Nolambur (upcoming)15+ years of expert tax & compliance consulting500+ active clients across 243 Chennai areas
High business density · Thousand Lights Class 3 DSC

Class 3 DSC · Thousand Lights central business and hospitality area Pocket

the cluster of hospitality, healthcare, banking businesses that defines Thousand Lights's commercial fabric — backed by a 15+ year track record

Handling Class 3 DSC for Thousand Lights and Nungambakkam clients by qualified experts with a 15+ year, zero-penalty record. Call 9566-068-468.

4.9
312+ Reviews
15+ Years
Zero Penalties
500+ Clients
Quick Answer

What is the legal evidentiary value of a digitally signed document in Thousand Lights, Chennai?

A digitally signed electronic record is admissible in evidence under Section 65B of the Indian Evidence Act 1872 read with Section 5 of the IT Act 2000. The Supreme Court in Anvar P.V. v. P.K. Basheer (2014) 10 SCC 473 held that a Section 65B(4) certificate is mandatory for electronic records, and in Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020) 7 SCC 1 reaffirmed the mandatory nature of the certificate, overruling Shafhi Mohammad.

Transparent Pricing

Class 3 DSC in Thousand Lights — Plans & Pricing

Fixed fees · Zero hidden charges · Call 9566-068-468 for a custom quote.

MonthlyAnnualSave 2 Months
Personal DSC
Class 3 DSC 1 Year
Class 3 DSC 1-year video KYC
₹1,500one-time

  • Class 3 DSC 2-Year Validity
  • Video KYC No Physical Visit
  • USB Token Included
  • MCA21 + GST + TRACES + DGFT Portals
  • e-Tender Portal Registration
  • Director + Company DSC Bundle
  • Next-Day KYC Appointment
Most Popular ⭐
Class 3 DSC 2 Years
Class 3 DSC 2-year video KYC
₹2,000one-time

  • Class 3 DSC 2-Year Validity
  • Video KYC No Physical Visit
  • USB Token Included
  • MCA21 + GST + TRACES + DGFT Portals
  • e-Tender Portal Registration
  • Director + Company DSC Bundle
  • Next-Day KYC Appointment
Most Popular ⭐
Class 3 DSC 2 Years + Token
Class 3 DSC 2-year video KYC + Token Device
₹2,500one-time

  • Class 3 DSC 2-Year Validity
  • Video KYC No Physical Visit
  • USB Token Included
  • MCA21 + GST + TRACES + DGFT Portals
  • e-Tender Portal Registration
  • Director + Company DSC Bundle
  • Next-Day KYC Appointment
Director + Company
Company DSC
DSCs + all portal registrations
₹4,500one-time

  • Class 3 DSC 2-Year Validity
  • Video KYC No Physical Visit
  • USB Token Included
  • MCA21 + GST + TRACES + DGFT Portals
  • e-Tender Portal Registration
  • Director + Company DSC Bundle
  • Next-Day KYC Appointment

Swipe to see all plans

Prices exclude GST. For enterprise pricing, call 9566-068-468.

Why FilingPro?

Why Thousand Lights Clients Choose FilingPro

Expert Class 3 DSC in Thousand Lights — qualified professionals, 15+ years experience, zero-penalty track record.

Multi-Director Pack Coordination

For Thousand Lights companies needing the full board's DSCs (Premium plan — 5 directors), FilingPro coordinates all five Aadhaar e-KYCs sequentially in a single working day with USB tokens preloaded and shipped together.

Encryption + Signing Pair for Tendering

e-Tendering on CPPP, GeM and State portals frequently requires both signing and encryption certificates. FilingPro supplies the certificate pair on Premium plan with proper key-usage extensions configured per CCA Interoperability Guidelines.

CRL & OCSP Revocation Coverage

On token loss, employment change or key compromise, FilingPro coordinates revocation under Section 38 IT Act with the issuing CA — the certificate is added to the CRL and OCSP responder under the CCA Interoperability Guidelines, protecting Thousand Lights clients from misuse liability.

USB Token Driver & Browser Setup

EmSigner

Aadhaar eSign Where DSC Is Overkill

Where a Thousand Lights client only needs to sign one document (loan agreement, NACH mandate, single offer letter), FilingPro recommends Aadhaar eSign under Section 3A IT Act with Schedule II — saves the cost and inventory of a USB token.

WhatsApp-First Issuance

Aadhaar OTP, video selfie and document submission all flow through WhatsApp and the CA's e-KYC portal. Thousand Lights clients receive the USB token by courier, never visit our or the CA's office.

Key Benefits

What Thousand Lights Clients Get

Every Class 3 DSC engagement delivers measurable, guaranteed outcomes — expert professionals, on time, every time.

Hardware-Secure Private Key
The private key never leaves the FIPS 140-2 USB token under CCA Interoperability Guidelines — even if the host PC is compromised, the Thousand Lights client's signing key cannot be exfiltrated.
Revocation Protection on Loss
Lost or compromised tokens are revoked under Section 38 IT Act and added to CRL/OCSP within hours — third-party reliance on the certificate stops immediately, protecting Thousand Lights clients from forged-signature liability.
Section 3A eSign Optionality
Where the use case is one-off signing, Thousand Lights clients are routed to Aadhaar eSign under Section 3A IT Act with Schedule II — no token, no driver, just OTP-based 30-minute signing certificate.
18% GST Input Credit on DSC Fee
DSC services are classified under SAC 998313 attracting 18% GST. GST-registered Thousand Lights clients claim full input tax credit on professional fees and CA charges under Section 16 CGST Act, lowering effective cost by 18%.
Same-Day MCA / GST / Tender Readiness
With paperless Aadhaar e-KYC, Class 3 individual DSC is issued in 30-60 minutes — Thousand Lights clients can file SPICe+, DIR-3 KYC or sign tender bids the same business day.
Section 5 IT Act Legal Equivalence
Documents signed with a Class 3 DSC enjoy Section 5 IT Act 2000 equal legal status with handwritten signatures, admissible in evidence under Section 65B of the Indian Evidence Act 1872 with the mandatory certificate per Anvar P.V. and Arjun Panditrao.
Comparison

Class 3 Signature DSC vs Class 3 Combo DSC

Why this matters here — Across Thousand Lights, the business activity radiating outward from Thousand Lights Mosque and nearby commercial pockets. Practitioners note that with quick access via Thousand Lights Bus Stop and feeder routes connecting Thousand Lights to the rest of Chennai.

AspectClass 3 Signature DSCClass 3 Combo DSC
Who typically needs itDirectors, proprietors, tax practitioners and authorised signatories filing statutory returns — the overwhelming majority of Chennai business usersContractors and vendors bidding on government e-tenders, exporters on ICEGATE tender modules, and applicants filing trademarks or patents where bid or filing data is returned encrypted
Token and standardStored on a FIPS 140-2 Level 2 crypto USB token (ePass2003 / mToken / ProxKey); one key pair and one certificate on the deviceSame FIPS 140-2 Level 2 token but holds two certificates — losing or corrupting the token invalidates both the signing and encryption keys together
Validity and renewalIssued for 1, 2 or 3 years; renewed via fresh Aadhaar/PAN e-KYC before expiry — an expired signature certificate silently blocks the next MCA or GST filingSame 1–3 year validity, but on renewal the encryption certificate must also be re-keyed; data encrypted to the old key cannot be decrypted with the new one, so archive access must be planned before renewal
Indicative costApproximately ₹1,200–₹1,500 one-time inclusive of the token, Aadhaar e-KYC and video verification, for a 2-year certificateApproximately ₹1,800–₹2,500 one-time for the same 2-year term, the premium reflecting the additional encryption key pair and its separate CCA-mandated verification
Statutory basisIssued under Section 35 of the Information Technology Act 2000 read with Rule 23 of the IT (Certifying Authorities) Rules 2000 and the CCA India X.509 Certificate Policy v1.6 (2021) — carries only the signing key pair used for authentication and non-repudiationIssued under the same Section 35 IT Act 2000 framework but provisions two key pairs on one token — a signing certificate plus a separate encryption certificate under the CCA Interoperability Guidelines 2021 for confidentiality of exchanged data
What it actually doesDigitally signs and time-stamps a document so the signer cannot repudiate it — sufficient for MCA21 V3, GST, Income-tax, EPFO, TRACES and ROC filings where only authentication is requiredSigns documents AND decrypts encrypted data — mandatory where the portal encrypts payloads back to the holder, chiefly e-Procurement (GeM, CPPP, state e-tender portals) and IP India trademark/patent e-filing
Documents Required

Documents for Class 3 DSC

Share documents via WhatsApp to 9566-068-468. No office visit required for Thousand Lights clients.

PAN of the applicant (mandatory for both individual and organisation DSC)
Aadhaar of the applicant with Aadhaar-linked mobile number for OTP-based e-KYC
Recent passport-size photograph (live video frame captured during e-KYC)
Mobile and email OTP confirmations for applicant validation under CCA IVG 2021
Authorisation letter on entity's letterhead naming the signatory (organisation DSC only)
Organisation PAN plus GSTIN/CIN/LLPIN proof (organisation DSC only)
Ready to Get Started?
WhatsApp your documents to 9566-068-468 — our team begins within 24 hours. No office visit needed.
Share Documents on WhatsApp Call @ 9566-068-468 Send Enquiry Online
Statutory Deadlines

Compliance deadlines that matter

Miss any of these and the next consequence kicks in automatically.

Deadlines in this neighbourhood — Across Thousand Lights, the cluster of hospitality, healthcare, banking businesses that defines Thousand Lights's commercial fabric.

Trigger eventDaysFormConsequence
Class 3 DSC approaching natural expiry — 1 / 2 / 3 year validity exhausted15 daysFresh DSC application with paperless or video e-KYC; renewal in the same name treated as fresh issuanceRenewal initiated within 15 days before expiry ensures uninterrupted signing capability; certificates that expire mid-filing cycle cause per-day late-fee exposure on MCA forms under Section 403 of the Companies Act and GST late-fee under Section 47
DSC has expired and holder needs to sign filings on MCA / GST / Tendering portalsOn due dateFresh Class 3 DSC issuance — expired certificates cannot be renewed in placeUntil fresh DSC is issued, all signature-mandatory uploads fail; MCA forms attract ₹100 per day per company per form under Section 403; GST returns attract ₹50 per day under Section 47; tender bids missed
USB token containing live DSC is lost, stolen or suspected compromisedOn due dateSection 38 suspension / revocation request to issuing CA, supported by FIR / affidavitImmediate revocation listing on CRL prevents fraudulent use under Section 66C of the IT Act; delay in filing the Section 38 request leaves the certificate live and the holder exposed to mis-use liability until expiry
One-time signing requirement and no Class 3 DSC available (e-Sign alternative)On due dateAadhaar e-Sign single-use signature under Section 3A of the IT Acte-Sign generates and destroys the signing key in a single transaction — no token, no renewal, no recovery; suitable as a stop-gap for one-off filings but not for repeat use because each invocation is a fresh transaction
Class 3 DSC application submitted under Aadhaar OTP paperless e-KYC routeOn due dateApplication form with Aadhaar OTP authentication and PAN verificationSame-day issuance possible if Aadhaar biometric lock is open and OTP delivers; failure of OTP route forces switch to video-verification with 1-2 day SLA, potentially missing same-day signing requirements
Authorised signatory of an organisational DSC ceases to be authorised (resignation, role change, board revocation)On due dateSection 38 revocation request to issuing CA + fresh organisational DSC for the new signatoryOrganisational validity terminates with the underlying authorisation regardless of chronological expiry; continued use exposes the company and the individual to Section 66 / 66C liability and Companies Act compliance defects
DSC holder forgets the token password but certificate is within validityOn due datePassword / PIN reset workflow with issuing CA — typically Aadhaar OTP re-authenticationReset within the certificate validity preserves the remaining months and avoids ₹1,500 fresh-issuance cost; multiple wrong-password attempts trigger token lockout in many models, after which only fresh issuance is possible
Hardware token develops a read-error or LED-failure under warrantyOn due dateHardware-replacement ticket with issuing CA / token vendor; existing certificate re-keyed onto replacement tokenReplacement within 1-3 working days under standard 1-year hardware warranty preserves the existing certificate validity; out-of-warranty failures require fresh DSC issuance

Deadline pressure points we see in Thousand Lights: Where Thousand Lights differs: for Thousand Lights IT-services firms managing export-LUT cycles alongside payroll and TDS.

Forms Library

Forms used in this engagement

Captures subscriber particulars name PAN address email mobile and class requested by applicant.

Records explicit subscriber permission to share demographic and biometric data with Certifying Authority under Aadhaar Act.

Subscriber declaration confirming authenticity of submitted PAN passport voter ID for paper-based applications.

Utility bill bank statement passport substantiating residence for non-Aadhaar verification route.

Board resolution authorising designated signatory to obtain certificate for entity filings.

Entity GSTIN proof submitted for organisation class certificates linked to company filings.

Mandatory identity document cross-verified with Income Tax database during application processing.

Recent colour photograph affixed on physical application or uploaded for digital workflow.

Class 3 DSC in Thousand Lights, Chennai 600006

Thousand Lights (PIN 600006) falls under the Mylapore Division of the Chennai South, the jurisdiction that handles statutory matters for businesses at this PIN. For Class 3 DSC at PIN 600006, understanding the Mylapore Division's documentation norms removes most of the friction from the process. Because PIN 600006 sits inside the Chennai South jurisdiction, the handling office for Thousand Lights stays consistent across years, which matters when filings or approvals span cycles. The 600xx geo-zone covering Thousand Lights groups several locality clusters under common administration, keeping documentation expectations predictable.

Most commerce in Thousand Lights — invoices, expenses, purchases and statutory records — eventually surfaces in the Class 3 DSC working file we maintain for clients here. Each Class 3 DSC cycle for Thousand Lights reflects its commercial rhythm — invoices generated near Thousand Lights Mosque, expenses routed through the Thousand Lights Bus Stop freight network. Freight and foot traffic from the Thousand Lights Bus Stop hub pull steady daily commerce through Thousand Lights, so there is rarely a quiet filing month in this central business and hospitality area pocket. The businesses clustered around Thousand Lights Mosque in Thousand Lights drive the bulk of the Class 3 DSC workload we see each cycle.

We have closed enough Class 3 DSC files for retail firms near Thousand Lights to know where the department usually probes. Sector concentration matters: when Thousand Lights leans toward retail, the Class 3 DSC risks cluster around the same few line items each cycle. The business mix in Thousand Lights centres on retail, and that sector carries its own Class 3 DSC quirks we plan for in advance. The retail firms we serve in Thousand Lights value a Class 3 DSC partner who already understands their sector's compliance rhythm.

Every Class 3 DSC file we open for Thousand Lights is reconciled, reviewed by a qualified practitioner, and archived for seven years. Working papers for Thousand Lights Class 3 DSC engagements stay archived and retrievable, which makes any later notice or query straightforward to answer. Document intake for Thousand Lights clients runs over WhatsApp, so there is no office visit and no paper shuffle for a Class 3 DSC engagement. A Thousand Lights client sees the same Class 3 DSC cadence each cycle: intake, reconciliation, review, filing, acknowledgement.

We treat Thousand Lights and Royapettah as one catchment for Class 3 DSC, which keeps documentation and turnaround consistent. Coverage from Thousand Lights naturally extends to Royapettah, so group entities across the area share one Class 3 DSC workflow. Businesses straddling Thousand Lights and Royapettah get a single Class 3 DSC point of contact rather than two. A client relocating between Thousand Lights and Royapettah keeps the same Class 3 DSC file and the same team.

The longer we serve Thousand Lights, the more precisely we predict where a Class 3 DSC file needs attention. Common patterns in the Mylapore Division give Thousand Lights businesses an early-warning map we use to pre-empt Class 3 DSC issues. Patterns we track for Thousand Lights include hospitality documentation gaps, timing mismatches, and the questions the Mylapore Division tends to raise. Recurring gaps in Thousand Lights hospitality records are the first thing our Class 3 DSC review closes out.

Shifting principal place of business to Thousand Lights means updating jurisdiction to the Chennai South, and we manage the paperwork end-to-end. A startup setting up near Apollo Hospital Sentinel Tower in Thousand Lights gets a Class 3 DSC foundation built for the Mylapore Division from day one. Incorporating in Thousand Lights comes with jurisdiction, registration and Class 3 DSC steps that we sequence so nothing stalls the launch. New retail ventures in Thousand Lights lean on us to stand up Class 3 DSC correctly before the first deadline rather than after a notice.

4.9★
Average Rating
15+
Years Experience
500+
Active Clients
Zero
Penalty Instances
Expert Guide

Class 3 DSC in Thousand Lights — Complete Guide

Effective 1 January 2021, the Controller of Certifying Authorities discontinued issuance of Class 2 DSCs across all licensed CAs. From that date, Class 3 has been the only PKI-based digital signature certificate issued in India for individuals and organisations. Thousand Lights clients renewing older Class 2 certificates are migrated to Class 3 with full re-verification under the CCA Identity Verification Guidelines 2021.

Class 3 DSC in Thousand Lights, Chennai

Class 3 Digital Signature Certificates issued in Thousand Lights under Section 35 of the IT Act 2000 by CCA-licensed Certifying Authorities — paperless Aadhaar OTP e-KYC, FIPS 140-2 USB token and 2-year standard validity. Class 2 DSC deprecated 1-Jan-2021.

Class 3 DSC for Individuals in Thousand Lights — Director / ITR Signing

Class 3 individual DSC for Thousand Lights directors, partners and proprietors — used for MCA DIR-3 KYC, SPICe+ incorporation, Income Tax ITR signing under Section 140 of the Income-tax Act and personal e-Tendering. Same-day Aadhaar e-KYC issuance.

Class 3 Organisation DSC in Thousand Lights — GST / TRACES / IceGate

Class 3 organisation DSC for Thousand Lights companies and LLPs — used for GST authorised signatory under Rule 26 CGST Rules, TRACES Form 24Q/26Q TDS filing under Section 200(3) Income-tax Act, IceGate Customs and DGFT IEC. Authorisation letter and CIN/GSTIN proof required.

Aadhaar e-KYC vs Video KYC vs In-Person Verification under CCA IVG 2021

CCA Identity Verification Guidelines 2021 permit three modes — paperless Aadhaar OTP e-KYC, video-based verification with original document display, and in-person verification before a CA-authorised officer. Choice depends on Aadhaar mobile linkage and applicant location.

Get Expert Help Today
Qualified professionals handle your Class 3 DSC in Thousand Lights. WhatsApp documents — we begin within 24 hours. From ₹1,500/one-time. Free consultation.
WhatsApp for Free Consultation Call @ 9566-068-468
From ₹1,500/one-time
15+ years experience
Zero penalties guaranteed
Offices at Maduravoyal, Nerkundram & Nolambur (upcoming)
Key Facts — Class 3 DSC in Thousand Lights
Class 3 DSC issued by CCA-licensed Certifying Authorities under Section 35 of the IT Act 2000 — eMudhra, Protean (NSDL e-Gov), Sify Safescrypt, Capricorn, IDsign, VSign — all officer-acceptable for Thousand Lights clients.
Paperless Aadhaar OTP e-KYC under CCA Identity Verification Guidelines 2021 — same-day issuance with no physical document movement for Thousand Lights applicants.
Class 2 DSC deprecated effective 1 January 2021 per CCA notification dated 17 December 2020 — Class 3 is the only PKI-based DSC issued in India today.
FIPS 140-2 Level 2 USB tokens supplied — ePass2003, Watchdata ProxKey, Trust Key — private key non-exportable and hardware-bound as mandated by CCA Interoperability Guidelines.
Section 5 of the IT Act 2000 grants digital signatures equivalent legal status to handwritten signatures — admissibility under Section 65B Indian Evidence Act per Anvar P.V. (2014) and Arjun Panditrao Khotkar (2020).
Class 3 organisation DSC issued in entity's name with authorisation letter, board resolution and organisation PAN+GSTIN/CIN — accepted on GST, TRACES and tender portals for Thousand Lights corporate clients.
MCA SPICe+ incorporation, DIR-3 KYC, AOC-4, MGT-7, INC-22 and DPT-3 e-forms signed with Class 3 individual director DSC under MCA21 portal rules.
GST authorised-signatory DSC under Rule 26(1) CGST Rules — mandatory for companies and LLPs and supported for proprietorships seeking DSC mode over EVC.
Aadhaar eSign under Section 3A of the IT Act 2000 offered as parallel one-time-signature option for Thousand Lights clients needing single-document signing without USB token.
Revocation, CRL publication and OCSP coverage handled per Section 38 IT Act and CCA Interoperability Guidelines — token loss, employment change and key compromise covered.
People Also Ask — Class 3 DSC in Thousand Lights
Is Class 2 DSC still valid in India in 2026?
No. Class 2 DSCs are not issued by any CCA-licensed Certifying Authority since 1 January 2021 pursuant to the CCA notification dated 17 December 2020. Existing Class 2 DSCs were valid only till the end of their original validity tenure and have not been renewed thereafter. Class 3 DSC is now the only PKI-based digital signature certificate issued in India alongside the parallel Aadhaar eSign framework under Section 3A of the IT Act 2000.
How long does Class 3 DSC issuance take in Thousand Lights?
With Aadhaar OTP e-KYC and a pre-loaded FIPS 140-2 USB token, Class 3 individual DSC for Thousand Lights clients is issued within 30-60 minutes of application. Video KYC issuance during CA business hours takes 2-4 working hours. Class 3 organisation DSCs requiring authorisation letter, board resolution and entity-document verification take up to 1 working day.
What is the standard validity of a Class 3 DSC?
Class 3 DSCs are issued with 1-year, 2-year or 3-year validity at the applicant's option under Section 35 of the IT Act 2000. Two-year validity is the most commonly issued tenure in India. Validity is encoded into the certificate at issuance and cannot be extended later — on expiry, fresh Aadhaar e-KYC or video KYC is required for re-issuance.
Can I use one Class 3 DSC for both MCA and GST filings?
Yes for individuals — a Class 3 individual DSC of a director can sign MCA SPICe+, DIR-3 KYC and AOC-4 e-forms and the same individual DSC can be added as authorised signatory on the GST portal for the same person. For corporate filings on GST and TRACES under the entity's name, a Class 3 organisation DSC is preferred and is mandatory in many tendering scenarios.
What happens if the USB token containing my DSC is lost?
The DSC must be reported to the issuing CA under Section 38 IT Act 2000 for revocation. The certificate is added to the Certificate Revocation List (CRL) and OCSP responder under the CCA Interoperability Guidelines. A fresh USB token is purchased, full Aadhaar e-KYC re-verification is performed and a new DSC is issued — the lost certificate cannot be transferred because the private key was hardware-bound.
Is Aadhaar eSign a substitute for Class 3 DSC?
Aadhaar eSign under Section 3A IT Act 2000 read with Schedule II is suitable for one-time signing of single documents (loan agreements, e-NACH mandates, digital onboarding) where the signer is an Indian resident with Aadhaar. It is not a substitute for Class 3 DSC where repeated signing is required across MCA, GST, TRACES and tender portals — those portals expect a long-term PKI certificate stored on a hardware token, not a 30-minute eSign certificate.
How long does it take to get a Class 3 DSC in Chennai?

With Aadhaar-based paperless e-KYC and video verification, a Class 3 DSC is typically issued the same working day. Delays arise only when the mobile number is not linked to Aadhaar or the applicant's name mismatches between PAN and Aadhaar.

What documents are needed for a Class 3 individual DSC?

For Aadhaar e-KYC: PAN, Aadhaar-linked mobile for OTP, a passport-size photo and a short video verification. For paper-based KYC: self-attested PAN and address proof attested by a gazetted officer or banker. The applicant's mobile and email must be their own.

How much does a Class 3 DSC cost?

A Class 3 signature DSC costs approximately ₹1,200–₹1,500 one-time for a 2-year certificate including the FIPS 140-2 Level 2 USB token, Aadhaar e-KYC and video verification. A combo (sign + encrypt) DSC costs approximately ₹1,800–₹2,500 for the same term.

What validity period should I choose for a Class 3 DSC?

Class 3 DSCs are issued for 1, 2 or 3 years. A 2-year term is the common choice — it balances cost against re-verification effort. The certificate cannot be extended; a fresh e-KYC is required at renewal, so renew a few days before expiry to avoid a filing block.

Can one Class 3 DSC be used on multiple government portals?

Yes. A single Class 3 signature DSC works across MCA21 V3, GST, Income-tax, TRACES, EPFO, ICEGATE and DGFT once registered on each portal. It must be registered under the correct role on each site — for example mapped to the authorised signatory on the GST portal under Rule 26.

What happens if my Class 3 DSC token is lost or damaged?

The certificate on a lost or corrupted FIPS token cannot be recovered — the private key never leaves the device by design. You must apply for a fresh certificate with new e-KYC and re-register it on every portal. Report misuse risk to the issuing Certifying Authority for revocation.

What Thousand Lights clients want to know before signing: Where Thousand Lights differs: around the Thousand Lights Mosque catchment of Thousand Lights.

Expert Guide

A complete walkthrough — Class 3 Dsc

Reading this guide locally — Across Thousand Lights, in the central business and hospitality area micro-market of Thousand Lights.

What is a Class 3 Digital Signature Certificate

Statutory basis under the Information Technology Act 2000

A Digital Signature Certificate (DSC) is an electronic credential issued by a licensed Certifying Authority (CA) that binds a public-key cryptographic key-pair to the identity of a subscriber, enabling the subscriber to digitally sign electronic records with legal effect equivalent to a handwritten signature. The Indian framework is established under the Information Technology Act 2000, which received Presidential assent on 09-06-2000 and was inspired by the UNCITRAL Model Law on Electronic Commerce 1996 adopted by the United Nations Commission on International Trade Law in resolution 51/162 of 16-12-1996. Sections 35 to 39 of the IT Act 2000 set out the framework for issuance, suspension and revocation of Digital Signature Certificates, while Section 17 establishes the office of the Controller of Certifying Authorities (CCA) as the apex regulator of the DSC ecosystem in India.

Class 3 versus retired Class 2 certificates

Historically, DSCs were issued in three classes — Class 1, Class 2 and Class 3 — corresponding to progressively higher levels of identity verification. Class 1 was issued on the basis of an email-address verification alone and was suitable for low-value transactions. Class 2 was issued on the basis of identity-document and address-document verification and was the workhorse certificate for income-tax e-filing, MCA21 and most government portals for over a decade. Class 3 has historically required in-person verification or video-verification with biometric authentication and was reserved for high-value transactions such as e-tendering and e-procurement. The CCA's Office Order of 28-12-2020 mandated the discontinuance of Class 2 DSC from 01-01-2021, leaving Class 3 as the single class of DSC for all use-cases. The transition was completed by mid-2021 with the entire ecosystem migrated to Class 3 by issuing CAs.

Electronic signature under Section 3A of the IT (Amendment) Act 2008

The IT (Amendment) Act 2008, which came into force on 27-10-2009, inserted Section 3A in the IT Act 2000 to recognise a broader category of electronic signature in addition to the Digital Signature Certificate based on asymmetric cryptography. Section 3A enables the Central Government to notify by rule any electronic signature technique that is reliable as defined in the section. The notification under Section 3A enabled the Aadhaar-based e-Sign service launched in 2015, under which a subscriber authenticates via Aadhaar OTP or biometric and a one-time certificate is issued for the immediate signing transaction. Class 3 DSC and e-Sign coexist as alternative authentication mechanisms, with Class 3 DSC being the preferred mode for multi-use and high-value transactions and e-Sign being the preferred mode for single-transaction citizen-facing workflows.

Class 3 DSC versus Aadhaar e-Sign comparison

Cost economics and operational overhead

Class 3 DSC carries an upfront cost typically in the range of ₹1500 to ₹3000 for a two-year individual certificate including the USB token, with Organisation and Combo variants at ₹3000 to ₹6000 and Document Signer Certificate on HSM at ₹15000 to ₹50000 depending on the throughput configuration. Renewal at two-year intervals carries similar costs. Aadhaar e-Sign is priced per transaction, typically ₹5 to ₹25 per signing event depending on the volume tier and the e-Sign Service Provider, with no upfront cost and no hardware procurement. The crossover point between the two cost models is approximately 100 to 200 signing events per year — below which e-Sign is more economical, above which DSC is more economical. The crossover point is reached easily by any active professional or compliance officer but rarely by an individual citizen.

Validity and reusability

Class 3 DSC and Aadhaar-based e-Sign are both recognised under the IT Act 2000 framework (DSC under Sections 35-39 and Schedule II, e-Sign under Section 3A inserted by the IT (Amendment) Act 2008 and the Rules thereunder) but differ materially in their operating characteristics. A Class 3 DSC is a multi-use credential with a validity of one, two or three years (two years being the most common), allowing the subscriber to use the same certificate for an unlimited number of signing transactions during the validity period. An e-Sign certificate is a single-transaction credential with a validity of approximately thirty minutes, issued just-in-time for a specific signing event and rendered inoperative once the transaction is complete. The reusability difference makes DSC the preferred choice for high-frequency signers and e-Sign the preferred choice for occasional consumer-facing transactions.

Hardware token versus software-only

Class 3 DSC requires a FIPS 140-2 Level 2 hardware cryptographic token to store the private key, with the token costing approximately ₹500 to ₹1500 in addition to the certificate fee. The token must be physically present at the signing workstation and the user must enter the token PIN to authorise each signing operation, providing a strong two-factor (something-you-have plus something-you-know) authentication model. Aadhaar e-Sign is purely software-based with no hardware token: the signer authenticates via Aadhaar OTP and the certificate-issuance, key-generation, signing and certificate-archival all happen at the e-Sign Service Provider's secure server, with no client-side cryptographic material at any point. The architectural difference makes e-Sign much more accessible (no hardware procurement, no installation) but DSC more secure against server-side compromise scenarios.

Renewal, surrender and lifecycle management

Re-issuance procedure

A Class 3 DSC's natural validity ends on the notAfter date specified in the certificate (typically two or three years from issuance). The certificate cannot be extended in situ; instead, the subscriber must initiate a re-issuance procedure with the issuing CA at least thirty days before expiry to allow time for re-authentication and token re-flashing. Re-issuance under the CCA Identity Verification Guidelines 2018 requires the subscriber to re-authenticate via Aadhaar OTP (or the alternative pathway used at initial issuance), to confirm or update any subscriber-detail changes since the previous issuance, and to receive the new certificate either on the same physical token (which is re-flashed with the new key-pair) or on a fresh token. The old certificate is either deactivated on its natural expiry or revoked under Section 38 if the re-issuance precedes natural expiry by more than ninety days.

Change of subscriber details

Where any of the subscriber's identifying details captured in the X.509 Subject Distinguished Name changes during the certificate's validity period (change of name on Aadhaar following marriage, change of organisation name following corporate rebranding, change of authorised-signatory designation following internal reorganisation), the existing certificate becomes inconsistent with the underlying subscriber record. The CCA Identity Verification Guidelines require that the subscriber initiate a change-of-particulars request with the issuing CA, leading to revocation of the existing certificate and re-issuance of a fresh certificate with the updated details. The change-of-particulars process is not free: it carries a fee equivalent to fresh issuance, since cryptographically the new certificate is a wholly new key-pair and certificate body rather than an amendment of the existing certificate.

Surrender on cessation of need

Where the subscriber no longer requires the Class 3 DSC (retirement, change of profession, dissolution of the entity), the subscriber may surrender the certificate to the issuing CA under the Section 38 revocation framework. Surrender is in substance a revocation initiated at the subscriber's request, with no underlying compromise or wrongdoing. The CA processes the surrender, publishes the certificate serial number on the CRL and OCSP responder, and confirms the surrender to the subscriber. Surrender is good operational hygiene because it prevents an inactive certificate from being misused if the physical token falls into unauthorised hands, and it allows the subscriber to maintain a clean record at the CA for any future re-engagement. The token itself can be retained as a physical artifact or destroyed depending on the subscriber's preference.

Recent developments and reforms in the DSC framework

MCA21 v3 launch and signature-validation strengthening

The launch of MCA21 v3 in 2023 (rolled out in phases beginning January 2023 and completed across all form-categories by mid-2024) brought with it a significant strengthening of the signature-validation logic. The v3 platform replaced the daily-CRL-cache architecture of v2 with real-time OCSP queries for revocation status, replaced the PKCS#7 attached-signature format with the more compact detached-signature format, introduced Subject DN-to-MCA-record reconciliation at the form-validation stage (so that a signature mismatch is flagged immediately rather than at the post-filing review stage), and tightened the supported-CA list to remove certain legacy intermediate certificates. The cumulative effect was to make MCA21 v3 the most signature-stringent of the major Indian government portals, and the platform on which DSC environment-validation matters most.

RBI Master Direction on Digital Signing 2023

The Reserve Bank of India's Master Direction on Digital Signing, issued in 2023 and applicable to regulated entities (banks, NBFCs, insurance companies and select fintech firms), codified the sector-specific requirements for Class 3 DSC procurement and use within the financial services sector. The Master Direction mandates Class 3 Combo certificates with FIPS 140-2 Level 2 token storage, requires the certificate's Subject Alternative Name to include the regulated entity's RBI Certificate of Registration number, prescribes a maximum certificate validity of two years (rather than the three-year general maximum) to enforce more frequent re-authentication, and requires the regulated entity to maintain a comprehensive DSC audit trail covering issuance, use, renewal and revocation events. The Master Direction also requires regulated entities to maintain a DSC-incident-response procedure aligned to the broader RBI Cybersecurity Framework.

Cryptographic algorithm migration to RSA-3072 and beyond

The CCA's 2022 Cryptographic Guidelines initiated a planned migration from RSA-2048 to RSA-3072 for new subscriber certificates issued from 01-01-2025 onwards, in line with the international cryptographic-strength roadmap published by the US National Institute of Standards and Technology (NIST Special Publication 800-57) and the recommendations of the Brussels-based ENISA on post-quantum-readiness preparatory measures. The 3072-bit RSA key provides approximately 128 bits of equivalent symmetric-cryptographic strength, considered adequate against classical-computing attacks through 2030. The longer-term roadmap contemplates a migration to post-quantum cryptographic algorithms (likely the NIST-standardised CRYSTALS-Dilithium signature scheme) by 2030-2035, with the CCA expected to issue specific transition guidance closer to that timeline as the post-quantum cryptography standards mature into deployable implementations.

What Thousand Lights clients usually ask next: Where Thousand Lights differs: for Thousand Lights IT-services firms managing export-LUT cycles alongside payroll and TDS.

Glossary

Plain-English glossary for this service

Video verification e-KYC

Issuance route for a Class 3 DSC where the applicant records a short verification video reading an OTP and displaying PAN and Aadhaar documents. Used when Aadhaar OTP route is unavailable due to biometric lock, mobile-number mismatch or NRI status. Standard SLA is 1-2 working days and is the only route available for many organisational and NRI applications.

USB token FIPS 140-2 Level 2

Cryptographic hardware token compliant with the United States National Institute of Standards Federal Information Processing Standard 140-2, Security Level 2. The CCA mandates that all Class 3 DSCs be stored on a FIPS 140-2 Level 2 (or higher) certified hardware token. The private key never leaves the token and signing operations are performed inside the token's secure element.

ePass

A widely used FIPS 140-2 Level 2 USB cryptographic token manufactured by Feitian, sold in India as ePass 2003 and ePass 2003 Auto. Compatible with all major Indian Certifying Authorities and supports the standard PKCS#11 interface used by browser plug-ins and signing utilities on MCA, GST and IT portals.

MTok

A FIPS 140-2 Level 2 USB cryptographic token sold primarily by eMudhra-affiliated channels. Functionally equivalent to ePass and ProxKey for Indian DSC use; users select between models based on price, channel availability and driver compatibility with the workstation operating system.

ProxKey

A FIPS 140-2 Level 2 USB cryptographic token from Watchdata, commonly bundled with Capricorn and Sify DSC issuances. Like ePass and MTok, ProxKey carries the holder's signing certificate and optional encryption certificate, and uses PKCS#11 for portal-side integration.

Hard token

Synonym for a physical FIPS 140-2 Level 2 USB cryptographic device that holds the Class 3 DSC. Contrasted with a soft token (file-based PKCS#12 store) which is not permitted for Class 3 by the CCA — soft tokens were the norm for retired Class 1 and Class 2 DSCs.

Soft token

A file-based cryptographic credential store (typically a PKCS#12 .pfx file) where the private key is encrypted under a passphrase but stored on the workstation file system. Not permitted by the CCA for Class 3 DSC issuance after the 2021 class-retirement. Still encountered in legacy SSL client-authentication and obsolete Class 2 DSC files.

X.509

The International Telecommunication Union standard for the format of public-key certificates, including the subject distinguished name, issuer distinguished name, validity period, public key, key-usage extensions and the issuing CA's digital signature over the certificate. Every Indian Class 3 DSC is an X.509 v3 certificate.

Public key

The freely shareable half of an asymmetric cryptographic key pair. In a DSC the public key is embedded in the X.509 certificate and is used by any verifier to validate a digital signature created by the corresponding private key. The public key cannot be used to forge signatures or decrypt data encrypted to it.

Private key

The secret half of an asymmetric cryptographic key pair. For Class 3 DSCs the private key is generated inside the FIPS 140-2 Level 2 hardware token and cannot be exported; all signing operations are performed by the token internally. Loss of control of the private key (lost or stolen token) requires immediate Section 38 suspension with the issuing CA.

Certificate Revocation List

A digitally signed list, published periodically by every Certifying Authority, of certificates that have been revoked before their natural expiry — due to compromise, loss of token, change of role, or voluntary surrender. Verifiers (MCA, GST, IT portals) check the CRL or query an OCSP responder before accepting a digital signature.

Certifying Authority

An entity licensed by the Controller of Certifying Authorities under Section 24 of the IT Act 2000 to issue Digital Signature Certificates in India. As of date, the live CAs include eMudhra, Sify Communications, (n)Code Solutions, Capricorn Identity Services, IDSign, Verasys and a handful of others. Each CA's certificates are valid pan-India and across all government portals.

By Industry

Industry-specific patterns in Thousand Lights

How the local trade mix shapes this — Across Thousand Lights, the business activity radiating outward from Thousand Lights Mosque and nearby commercial pockets.

Healthcare
Common issue: Diagnostic centres, small hospitals and pharmacies registered with the Central Drugs Standard Control Organisation under SUGAM and with the State Drug Controllers under their respective licensing portals are required to authenticate sensitive batch-recall and pharmacovigilance submissions using Class 3 DSC. The sector-specific portals frequently require a Class 3 DSC with the medical institution's licence number embedded in the Subject Alternative Name (SAN) extension of the X.509 certificate, a non-standard requirement that operators discover only at the point of filing failure.
How we handle it: At the time of Class 3 DSC procurement, specifically request the issuing CA to include the CDSCO licence number, NABL accreditation number or NABH accreditation number in the Subject Alternative Name extension of the X.509 certificate under the otherName field as permitted by RFC 5280; verify the SAN content after issuance using Windows Certificate Viewer or OpenSSL; where the existing certificate lacks the SAN field, request a no-charge re-issuance under the CA's mis-specification remediation framework rather than purchasing a fresh certificate.
Healthcare
Common issue: Multi-doctor partnership clinics and LLPs face an internal-governance issue where the Class 3 DSC of a retiring or deceased partner remains active until expiry, leaving the firm exposed to unauthorised signing during the transition period. The IT Act 2000 Section 38 confers the power to revoke a Digital Signature Certificate on the subscriber or on the Certifying Authority, but the revocation must be formally initiated, and the certificate continues to be operationally valid until added to the CCA's Certificate Revocation List under RFC 5280 or marked revoked on the OCSP responder under RFC 6960.
How we handle it: Include a standard partner-exit protocol in the LLP agreement and partnership deed requiring immediate surrender of the Class 3 DSC token and submission of a revocation request to the issuing CA within seventy-two hours of the partner's exit; preserve the revocation acknowledgement from the CA on the firm's records; verify CRL and OCSP status using the issuing CA's online verification tool; for deceased-partner cases obtain the death certificate and the legal-heir consent letter as required by the CCA's revocation procedure under Section 38 of the IT Act.
Construction Contractors
Common issue: Construction contractors executing joint-venture arrangements with foreign partners for international-funded projects (ADB, World Bank, JICA) face complexity around which jurisdiction's electronic signature governs the JV agreement and the lender's procurement documents. The Singapore Electronic Transactions Act 2010 (which adopts the UNCITRAL Model Law on Electronic Signatures 2001 verbatim) is commonly chosen as the governing law for ADB-funded contracts, and an India Class 3 DSC is accepted as a reliable electronic signature under Section 8 of the Singapore ETA on the basis of UNCITRAL mutual-recognition, but the procedural authentication still requires a certificate-chain extract.
How we handle it: Pair the India Class 3 DSC with a Certificate-Chain Extract issued by the issuing CA (showing the CCA India root, the issuing CA intermediate, and the subscriber certificate) and an apostille or notarised copy of the CCA's CPS (Certification Practice Statement) for production before the ADB Procurement Review Panel or the World Bank's procurement disputes resolution forum; cross-reference the UNCITRAL Model Law 2001 Article 12 mutual-recognition clause in any JV-agreement dispute-resolution argument; consider a parallel eIDAS Qualified Signature for the EU partner's home-jurisdiction comfort.
Textile and Garment
Common issue: Textile and garment exporters in Tirupur, Chennai and Erode cluster locations file daily shipping-bill amendments on ICEGATE and RoSCTL/RoDTEP claims on the DGFT portal using Class 3 DSC. Exporters frequently use the same token across the merchant exporter, the supporting manufacturer and the export-house head office, on the assumption that all three entities share common signatory directors. The DGFT portal's IEC-mapping logic and ICEGATE's BIN-mapping logic both verify the certificate's Subject DN against the entity's authorised signatory record, leading to selective rejections.
How we handle it: Procure a separate Class 3 Organisation DSC for each legal entity (merchant exporter, supporting manufacturer, export house) with the entity's CIN or PAN reflected in the Organisation field of the X.509 Subject DN; maintain a cluster-level DSC register if the exporter operates under a textile-cluster identifier; reconcile the DSC-to-entity mapping with the IEC and BIN master records at quarterly intervals; for high-frequency exporters consider a Class 3 Document Signer Certificate on HSM for unattended bulk shipping-bill signing through the ICEGATE ASP integration.
Real Estate
Common issue: Real-estate developers registered under RERA and operating under joint-development agreements with multiple landowners commonly require Class 3 DSC for the developer's authorised signatory to file RERA quarterly updates, RERA Form-7 statutory submissions and the corresponding income-tax and GST filings. Developers frequently overlook that some state RERA portals (notably MahaRERA, K-RERA and TNRERA) require a Class 3 DSC specifically issued in the name of the company's authorised signatory as recorded in the RERA registration certificate, not a general director-level DSC.
How we handle it: Identify the authorised signatory recorded in the RERA registration certificate for each project (where the same developer has multiple projects, the signatory may differ project-to-project); procure a Class 3 Organisation DSC in that specific signatory's name with the developer company's CIN in the Organisation Unit field; reconcile the RERA-authorised-signatory record with the company's MCA21 DIR-3 KYC record to ensure consistency; refresh the DSC in advance of the quarterly RERA-Form-7 filing window to avoid mid-window expiry.
Case Studies

Anonymised engagements we have handled

Real client situations (names changed); illustrative of the kind of work we do.

Validity expiryCorporate Compliance

DSC validity expired mid-AOC-4 filing — 6 of 18 March-31 deadline filings hit late fee

Issue: An 18-company audit portfolio was being uploaded on MCA V3 between 25-March and 31-March. On 28-March the director DSC of a holding-company nominee, common across 6 group entities, expired. The expiry date had been masked in the token-listing utility because the renewal reminder had been sent to a resigned employee's email. Six AOC-4 filings stalled with the 'DSC not valid' error mid-upload. Per-day delay penalty under Section 403 is ₹100 per company per day with no upper limit.
Approach: Triggered fresh Class 3 paperless e-KYC issuance with eMudhra under Aadhaar OTP for same-day delivery; parallelly re-validated the director DIN-DSC association on MCA after the new certificate was downloaded into a fresh ePass token. Used the affidavit-based delay-condonation reasoning in the cover note while uploading on 29-March. For 2 entities where the auditor DSC was also stale, refreshed both signatories through video-verification e-KYC the same evening with a 1-day SLA.
Outcome: 5 of 6 AOC-4 forms uploaded on 29-March with the new DSC, escaping any per-day penalty; 1 entity slipped 1 day attracting ₹100 fee; no Section 92 delay because MGT-7 was already filed; new 2-year DSC validity captured in the firm's compliance calendar with 45-day pre-expiry alerts.
Token lossTendering

Lost ePass token containing live DSC — Section 38 suspension filed within 4 hours

Issue: A government-tendering proprietor lost his ePass 2003 USB token on a flight transit. The token held a 22-month-remaining Class 3 organisational DSC mapped to GeM and CPPP portals worth ₹4.6 crore of active bid commitments. Public-key fingerprint of the lost DSC was already on 3 live tender PDFs. Risk of mis-use under Section 66C of the IT Act and bid-bond forfeiture if a competing bidder picked up and signed.
Approach: Within 4 hours of loss, filed Section 38 IT Act suspension request with the issuing CA (eMudhra) supported by an FIR copy filed at the originating airport police station. Triggered the CRL (certificate revocation list) update so any document signed after the suspension hour would fail signature-verification. Parallelly applied for a fresh Class 3 DSC under paperless e-KYC with same-day issuance on a fresh FIPS 140-2 Level 2 hard token. Mapped the new DSC to GeM and CPPP portals on day 2 and re-signed all 3 live bid PDFs with the new key.
Outcome: Lost DSC entered CRL within 6 hours; no fraudulent signature surfaced in the next 90 days; 3 live bids re-signed with the new key before the bid-opening date; ₹4.6 crore tender pipeline preserved; firm now mandates dual-token policy for all bid-signing directors.
e-KYC failureProfessional Services

Aadhaar OTP e-KYC failed on biometric lock — switched to video verification same evening

Issue: A 64-year-old practising chartered accountant applied for a fresh 2-year Class 3 DSC for GST and IT-portal signing 2 days before his existing certificate's expiry. The Aadhaar OTP e-KYC route failed at the biometric-lock stage because the applicant had locked his Aadhaar biometrics on UIDAI 3 years earlier and forgotten the unlock PIN. The unlock-PIN reset itself takes 1-2 working days, but the practitioner had 11 GST returns and 4 ITR uploads scheduled in the next 48 hours.
Approach: Switched the application from Aadhaar OTP route to video-verification e-KYC same evening with a Class 3 sub-CA (Sify). Pre-recorded the verification video reading the OTP and showing PAN and Aadhaar card in a single take. Submitted within the 1-2 day SLA window. In parallel filed the UIDAI biometric-unlock request as fallback. Loaded the new DSC onto a fresh MTok token and tested digital-signing on the GST portal before the first morning return upload.
Outcome: DSC issued within 22 hours through video verification; 11 GST returns and 4 ITR uploads completed within the 48-hour scheduling window; no late fees on any return; biometric unlock arrived 2 days later as the secondary recovery channel; old DSC let to expire naturally without revocation cost.
Authorisation linkageManufacturing

Organisational DSC validity terminated on directorship change — 9 days of MCA filings paused

Issue: A whole-time director of a manufacturing company resigned mid-quarter. His Class 3 organisational DSC, which carried the company name and his designation in the X.509 'OU' field, became conceptually invalid for organisational signing the moment his Form DIR-12 was effective, even though the certificate's chronological validity ran 14 more months. Authorised-signatory dependency under the Companies Act invalidates organisational DSCs at the authorisation level, not the calendar level.
Approach: Issued a fresh Class 3 organisational DSC in the name of the incoming director with eMudhra under paperless e-KYC, with the company's authorisation letter and board-resolution extract attached. Concurrently revoked the outgoing director's organisational DSC under Section 38 to prevent inadvertent re-use of the still-chronologically-valid token. Updated MCA, GST, EPFO, and ESIC portal signatory mappings with the new DSC within 9 days. Filed DIR-12, MGT-14, and the consequent INC-22A within the same window.
Outcome: New organisational DSC issued in 1 working day; outgoing director's DSC revoked and added to CRL; all 4 portal signatory updates completed in 9 days; 7 MCA / GST filings backlogged in those 9 days cleared without per-day delay penalty because triggers were within the statutory 30-day window.

Why these Thousand Lights engagements look the way they do: Where Thousand Lights differs: the cluster of hospitality, healthcare, banking businesses that defines Thousand Lights's commercial fabric. We see for Thousand Lights IT-services firms managing export-LUT cycles alongside payroll and TDS.

Client Reviews

What Thousand Lights Clients Say

Ramesh K
Class 3 DSC
“Needed Class 3 individual DSC for incorporating a private limited company. FilingPro completed the Aadhaar OTP e-KYC over WhatsApp and the DSC was loaded onto the ePass2003 token within 45 minutes. Used it the same evening for SPICe+ filing on MCA21. Smooth and paperless.”
3 weeks agoVerified Client
Latha S
Class 3 DSC
“Required organisation DSC for our GST authorised signatory. FilingPro drafted the board resolution and authorisation letter, coordinated with the CA for video KYC and we received the DSC the next morning. Replaced our older Class 2 DSC which had expired post-Jan-2021 deprecation.”
1 month agoVerified Client
Vinay M
Class 3 DSC
“Multi-director DSC pack for our 5-director board needed for SPICe+ and tender bidding. FilingPro coordinated all 5 Aadhaar e-KYCs in one day, supplied premium Watchdata tokens with encryption-signing pair and we were tender-ready by next working day. The premium pack saved significant time.”
2 months agoVerified Client
Suresh P
Class 3 DSC
“My USB token got locked after multiple wrong PIN attempts. FilingPro explained that the certificate had to be re-issued — the private key on the token cannot be recovered. They processed a fresh Aadhaar e-KYC the same day and a new 2-year DSC was loaded. Clear technical explanation, no nonsense.”
6 weeks agoVerified Client
Deepa R
Class 3 DSC
“Needed Class 3 DSC urgently for TRACES TDS return filing — last day of the quarter. FilingPro arranged Aadhaar OTP e-KYC within an hour, the DSC was issued same-day and we filed Form 24Q before midnight. Saved us a Section 234E late fee. Excellent crisis response.”
2 months agoVerified Client
Kannan V
Class 3 DSC
“Renewed our company's organisation DSC after 2-year expiry. FilingPro reused the existing authorisation letter and entity documentation, only fresh signatory Aadhaar e-KYC was needed, and the new DSC came through in half a day. Smooth renewal cycle, no surprises on documentation.”
4 weeks agoVerified Client
4.9
312+ reviews
500+
Active Clients
15+
Years Exp
5★
4★
3★
Common Questions

Class 3 DSC FAQ — Thousand Lights

Common questions from Thousand Lights clients. Call 9566-068-468 for specific queries.

A digitally signed electronic record is admissible in evidence under Section 65B of the Indian Evidence Act 1872 read with Section 5 of the IT Act 2000. The Supreme Court in Anvar P.V. v. P.K. Basheer (2014) 10 SCC 473 held that a Section 65B(4) certificate is mandatory for electronic records, and in Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020) 7 SCC 1 reaffirmed the mandatory nature of the certificate, overruling Shafhi Mohammad.
DSCs are issued under Section 35 read with Rule 23 of the IT (CCA) Rules with validity options of 1 year, 2 years or 3 years. Two-year validity is the most commonly issued tenure. Validity is encoded in the certificate itself and cannot be extended — on expiry a fresh DSC issuance procedure with re-verification of identity is required.
No. The Class 3 DSC fee we quote upfront is the fee you pay — any government fees or third-party charges are shown separately and explained in advance. Thousand Lights clients get full transparency before committing.
A lost or damaged token containing a valid DSC must be reported to the issuing CA who will revoke the DSC and add it to the CRL. A fresh USB token is purchased, full Aadhaar e-KYC re-verification is performed and a new DSC is issued. The previous certificate cannot be "transferred" to the new token because the private key is hardware-bound and was destroyed with the lost device.
Companies and LLPs registered under GST are mandatorily required to file using Class 3 DSC of the authorised signatory under Rule 26(1) of the CGST Rules. Proprietorships, partnerships and HUFs may file using EVC (Aadhaar OTP) but DSC is permitted as an alternative. GST authorised-signatory DSC is most commonly an organisation Class 3 DSC.
WhatsApp 9566-068-468 anytime and we respond as soon as we can, including outside standard hours for urgent Class 3 DSC matters. Thousand Lights clients value not being tied to a strict 10-to-5 window.
The CCA is appointed under Section 17 of the IT Act 2000 and licenses Certifying Authorities under Section 21. The CCA exercises supervision under Sections 18-20, lays down standards (Section 19), and operates the Root Certifying Authority of India (RCAI). Licensed Certifying Authorities (CAs) currently include eMudhra, NSDL e-Governance (Protean), Sify Safescrypt, Capricorn, IDsign, VSign, NIC and IndusInd-RA. The CCA portal is cca.gov.in.
DSCs come in two functional types — signing (used for digital signatures and authentication) and encryption (used to encrypt documents that only the certificate holder can decrypt). For tendering on CPPP and GeM both signing and encryption certificates are typically required. Encryption certificates do not produce a signature in the legal sense; their statutory framework is the IT Act's broader provisions on secure electronic records.
Yes — honest advice is the whole point. If Class 3 DSC is not right for your Thousand Lights situation, or can safely wait, we will say so plainly rather than sell you something. That is why much of our work comes through referrals.
Class 1 was the lowest assurance level used only for email and webmail signing and has been functionally deprecated. Class 2 was issued after pre-verified database identity check and was used for MCA, Income Tax and GST filings till 31 December 2020. Class 3 is the highest assurance level requiring physical or video-based personal verification under the CCA Identity Verification Guidelines and is now the only PKI-based DSC issued in India.
Online Certificate Status Protocol (OCSP) defined in RFC 6960 is a real-time alternative to CRL where a relying party queries the CA's OCSP responder for the status of a single certificate and receives an immediate "good", "revoked" or "unknown" response. CCA-licensed CAs operate OCSP responders alongside CRL publication and many e-government portals use OCSP for real-time signature verification.
Yes. Thousand Lights has an active base of banking and allied businesses, and we regularly handle Class 3 DSC for exactly these kinds of clients. We tailor the approach to your line of work rather than applying a one-size template.
With Aadhaar e-KYC and a pre-loaded USB token, Class 3 individual DSC is issued within 30-60 minutes of application. Video-KYC issuance typically takes 2-4 working hours during CA business hours. Organisation DSCs with manual document verification take 1-2 working days. Where in-person verification is required, timing depends on the CA's RA presence in the city.
In-person verification is the fallback verification method under the IVG where the applicant physically appears before a CA-authorised registration officer with original PAN and Aadhaar/passport. IPV is mandatory for organisation DSCs in certain configurations and where Aadhaar e-KYC and video KYC both fail. Section 36 of the IT Act mandates that the CA verify the identity of the applicant before issuance.
Section 5 of the IT Act 2000 grants digital signatures the same legal status as handwritten signatures wherever any law requires a signature. Section 3 prescribes the technical authentication procedure using asymmetric cryptography and hash functions. Section 3A inserted by the IT (Amendment) Act 2008 adds a parallel framework for "electronic signatures" specified in the Second Schedule, which presently includes Aadhaar-based eSign.
DSCs are services classified under SAC 998313 (information technology consulting and support services) and attract GST at 18%. The CA's invoice will show the fee, USB token cost and 18% GST separately. Where the recipient is GST-registered, full input tax credit on DSC fees is available subject to Section 16 of the CGST Act, including for use in business of company filings, tax filings and tendering.
Class 3 DSC near Thousand Lights:

Our Class 3 DSC clients in Thousand Lights are spread right across the locality — along Doctor M.G.R. Salai, Haddows Road, Uttamar Gandhi Salai, Uttamar Gandhi Salai (Nungambakkam High Road) and Avvai Shanmugam Salai, and through the Binny Road, Casa Major Road, College Bridge and College Road business stretches — so wherever your premises sit, expert help is close by.

Free Consultation Available

Ready for Expert Class 3 DSC in Thousand Lights?

Professional Class 3 DSC in Thousand Lights, Chennai. Call @ 9566-068-468. Offices at Maduravoyal, Nerkundram & Nolambur (upcoming). 15+ years experience, 4.9★ rated.

From ₹1,500/one-time
15+ years experience
Zero penalties guaranteed
Maduravoyal · Nerkundram · Nolambur (upcoming)
Call Now WhatsApp