UNIT-2(Information Security & Cyber Law)

Application security - Application security is the use of software, hardware, and procedural
methods to protect applications from external threats. Security is becoming an increasingly important
concern during development as applications become more frequently accessible over networks and
are, as a result, vulnerable to a wide variety of threats. Security measures built into applications and a
sound application security routine minimize the likelihood that unauthorized code will be able to
manipulate applications to access, steal, modify, or delete sensitive data. Actions taken to ensure
application security are sometimes called countermeasures. The most basic software countermeasure
is an application firewall that limits the execution of files or the handling of data by specific installed
programs. The most common hardware countermeasure is a router that can prevent the IP address of
an individual computer from being directly visible on the Internet.

Database security - Database security concerns the use of a broad range of information security
controls to protect databases against compromises of their confidentiality, integrity and availability. It
involves various types or categories of controls, such as technical, procedural/administrative and
physical. Database security is a specialist topic within the broader realms of computer security,
information security and risk management.

Security risks to database systems include, for example:

• Unauthorized or unintended activity or misuse by authorized database users, database

administrators, or network/systems managers, or by unauthorized users or hackers (e.g. inappropriate
access to sensitive data, metadata or functions within databases, or inappropriate changes to the
database programs, structures or security configurations);

• Malware infections causing incidents such as unauthorized access, leakage or disclosure of personal
or proprietary data, deletion of or damage to the data or programs, interruption or denial of authorized
access to the database, attacks on other systems and the unanticipated failure of database services; •
Overloads, performance constraints and capacity issues resulting in the inability of authorized users to
use databases as intended;

• Physical damage to database servers caused by computer room fires or floods, overheating,
lightning, accidental liquid spills, static discharge, electronic breakdowns/equipment failures and
obsolescence;

• Design flaws and programming bugs in databases and the associated programs and systems, creating
various security vulnerabilities (e.g. unauthorized privilege escalation), data loss/corruption,
performance degradation etc.;

• Data corruption and/or loss caused by the entry of invalid data or commands, mistakes in database
or system administration processes, sabotage/criminal damage etc.

Email Security - Email is vulnerable to both passive and active attacks. Passive threats include
Release of message contents, and traffic analysis while active threats include Modification of message
contents, Replay, and denial of service attack. Because email connects through many routers and mail
servers on its way to the recipient, it is inherently vulnerable to both physical and virtual
eavesdropping. To provide a reasonable level of privacy, all routers in the email pathway, and all
connections between them, must be secured. This is done through data encryption, which translates

1
the email's contents into incomprehensible text that, if designed correctly, can be decrypted only by
the recipient. There are two basic techniques for providing such secure connections.The electronic
envelope technique involves encrypting the message directly using a secure encryption standard.
These encryption methods are often a user-level responsibility, even though Enterprise versions of
OpenPGP exist. The usage of OpenPGP requires the exchange of encryption keys. Even if an
encrypted email is intercepted and accessed, its contents are meaningless without the decryption key.
There are also examples of secure messaging solutions available built on purely symmetric keys for
encryption. These methods are also sometimes tied with authorization in the form of authentication.
Authentication just means that each user must prove who he is by using either a password, biometric
(such as a fingerprint), or other standard authentication means.

Internet security – Internet security is a tree branch of computer security specifically related to
the Internet, often involving browser security but also network security on a more general level as it
applies to other applications or operating systems on a whole. Its objective is to establish rules and
measures to use against attacks over the Internet.

[1] The Internet represents an insecure channel for exchanging information leading to a high risk of
intrusion or fraud, such as phishing.

[2] Different methods have been used to protect the transfer of data, including encryption. Data
Backup and Archive - There is often confusion between a data archive and a backup. A classic backup
application takes periodic images of active data in order to provide a method of recovering records
that have been deleted or destroyed. Most backups are retained only for a few days or weeks as later
backup images supersede previous versions.

Security Technologies
With the rapid growth in the Internet, cyber security has become a major concern to organizations
throughout the world. The fact that the information and tools & technologies needed to penetrate
the security of corporate organization networks are widely available has increased that security
concern.

Today, the fundamental problem is that much of the security technology aims to keep the attacker
out, and when that fails, the defences have failed. Every organization who uses internet needed
security technologies to cover the three primary control types - preventive, detective, and
corrective as well as provide auditing and reporting. Most security is based on one of these types
of things: something we have (like a key or an ID card), something we know (like a PIN or a
password), or something we are (like a fingerprint).

Some of the important security technologies used in the cyber security are described below-

Firewall
Firewall is a computer network security system designed to prevent unauthorized access to or
from a private network. It can be implemented as hardware, software, or a combination of both.
Firewalls are used to prevent unauthorized Internet users from accessing private networks
connected to the Internet. All messages are entering or leaving the intranet pass through the
firewall. The firewall examines each message and blocks those that do not meet the specified
security criteria.

2
Categories of Firewalls
Firewall can be categorised into the following types-

1. Processing mode:
The five processing modes that firewalls can be categorised are-

Packet filtering

Packet filtering firewalls examine header information of a data packets that come into a
network. This firewall installed on TCP/IP network and determine whether to forward it to
the next network connection or drop a packet based on the rules programmed in the
firewall. It scans network data packets looking for a violation of the rules of the firewalls
database.

Packet filtering firewalls can be categorized into three types-

1. Static filtering: The system administrator set a rule for the firewall. These filtering
rules governing how the firewall decides which packets are allowed and which are
denied are developed and installed.

2. Dynamic filtering: It allows the firewall to set some rules for itself, such as dropping
packets from an address that is sending many bad packets.

3. Stateful inspection: A stateful firewalls keep track of each network connection

between internal and external systems using a state table.

3
MAC layer firewalls

This firewall is designed to operate at the media access control layer of the OSI network
model. It is able to consider a specific host computer's identity in its filtering decisions.
MAC addresses of specific host computers are linked to the access control list (ACL)
entries. This entry identifies specific types of packets that can be sent to each host and
all other traffic is blocked. It will also check the MAC address of a requester to determine
whether the device being used are able to make the connection is authorized to access
the data or not.

Hybrid firewalls

It is a type of firewalls which combine features of other four types of firewalls. These are
elements of packet filtering and proxy services, or of packet filtering and circuit
gateways.

VPNs
A VPN stands for virtual private network. It is a technology which creates a safe and an
encrypted connection on the Internet from a device to a network. This type of connection
helps to ensure our sensitive data is transmitted safely. It prevents our connection from
eavesdropping on the network traffic and allows the user to access a private network
securely. This technology is widely used in the corporate environments.

A VPN works same as firewall like firewall protects data local to a device wherever VPNs
protects data online. To ensure safe communication on the internet, data travel through
secure tunnels, and VPNs user used an authentication method to gain access over the
VPNs server. VPNs are used by remote users who need to access corporate resources,
consumers who want to download files and business travellers want to access a site that
is geographically restricted.

Intrusion Detection System (IDS)

An IDS is a security system which monitors the computer systems and network traffic. It
analyses that traffic for possible hostile attacks originating from the outsider and also for
system misuse or attacks originating from the insider. A firewall does a job of filtering the
incoming traffic from the internet, the IDS in a similar way compliments the firewall
security. Like, the firewall protects an organization sensitive data from malicious attacks
over the Internet, the Intrusion detection system alerts the system administrator in the
case when someone tries to break in the firewall security and tries to have access on
any network in the trusted side.

Intrusion Detection System have different types to detects the suspicious activities-

1. NIDS-

It is a Network Intrusion Detection System which monitors the inbound and outbound
traffic to and from all the devices over the network.

4
2. HIDS-

It is a Host Intrusion Detection System which runs on all devices in the network with
direct access to both internet and enterprise internal network. It can detect anomalous
network packets that originate from inside the organization or malicious traffic that a
NIDS has failed to catch. HIDS may also identify malicious traffic that arises from the
host itself.

3. Signature-based Intrusion Detection System-

It is a detection system which refers to the detection of an attack by looking for the
specific patterns, such as byte sequences in network traffic, or known malicious
instruction sequences used by malware. This IDS originates from anti-virus software
which can easily detect known attacks. In this terminology, it is impossible to detect new
attacks, for which no pattern is available.

4. Anomaly-based Intrusion Detection System-

This detection system primarily introduced to detect unknown attacks due to the rapid
development of malware. It alerts administrators against the potentially malicious
activity. It monitors the network traffic and compares it against an established baseline. It
determines what is considered to be normal for the network with concern to bandwidth,
protocols, ports and other devices.

Access Control
Access control is a process of selecting restrictive access to a system. It is a concept in
security to minimize the risk of unauthorized access to the business or organization. In
this, users are granted access permission and certain privileges to a system and
resources. Here, users must provide the credential to be granted access to a system.
These credentials come in many forms such as password, key card, the biometric
reading, etc. Access control ensures security technology and access control policies to
protect confidential information like customer data.

The access control can be categories into two types-

o Physical access control

o Logical access control
Physical Access Control- This type of access control limits access to buildings, rooms,
campuses, and physical IT assets.

Logical access control- This type of access control limits connection to computer
networks, system files, and data.

The more secure method for access control involves two - factor authentication. The first
factor is that a user who desires access to a system must show credential and the
second factor could be an access code, password, and a biometric reading.

The access control consists of two main components: authorization and

authentication. Authentication is a process which verifies that someone claims to be

5
granted access whereas an authorization provides that whether a user should be
allowed to gain access to a system or denied it.

Security Threats-

What is a Malware
• Malware is the shortened form of malicious software.
• Malware is an umbrella term used to refer to a variety of forms of
hostile or intrusive software including Ransom wares, Computer
Viruses, Worms, Trojan Horses, Spyware, Adware, Scareware etc.
• This is any program or file that is harmful to a computer user.
• The term refers to software that is deployed with malicious intent.
• Malware can be deployed even remotely, and tracking the source of
malware is hard.
• It can take the form of executable code, scripts, active content, and
other software.
• These malicious programs can perform a variety of functions,
including stealing, encrypting or deleting sensitive data, altering or
hijacking core computing functions and monitoring users’ computer
activity without their permission.
• This combination has enabled commercial malware providers to
supply sophisticated black markets for both malware and the
information that it collects.

What is the purpose of creating a Malware?

• Initially, it started as a prank among software developers. However,
later on, malware converted into a full-fledged industry of black and
white market.
• It may be used by black hat hackers or even some governments for
monitoring their targets.
• Demand for sophisticated malware is created primarily by organised
crime syndicates and state-sponsored espionage agents.

Malware is typically used:

1. To steal information that can be readily monetized, such as login

credentials, credit card and bank account numbers,
2. And intellectual property such as computer software, financial
algorithms, and trade secrets.
3. To ransom money in Bitcoin, for example, Wannacry Ransomware.

6
 4. Spy on computer users for an extended period without their
knowledge, for example, Reign Malware.
5. It may be designed to cause harm, often as sabotage for example
Stuxnet.
6. Extort payment for example Cryptolocker.

List of Common Malware types:

• Adware: The least dangerous and most lucrative Malware. Adware
displays ads on your computer.
• Spyware: Spyware is software that spies on you, tracking your
internet activities in order to send advertising (Adware) back to your
system.
• Virus: A virus is a contagious program or code that attaches itself to
another piece of software, and then reproduces itself when that
software is run. Most often this is spread by sharing software or files
between computers.
• Spam: Spamming is a method of flooding the Internet with copies of
the same message. Most spams are commercial advertisements
which are sent as an unwanted email to users. Spams are also known
as Electronic junk emails or junk newsgroup postings. These spam
emails are very annoying as it keeps coming every day and keeps
your mailbox full.
• Worm: A program that replicates itself and destroys data and files on
the computer. Worms work to “eat” the system operating files and data
files until the drive is empty.
• Trojan: A Trojan horse or Trojan is a type of malware that is often
disguised as legitimate software. Trojans are written with the purpose
of discovering your financial information, taking over your computer’s
system resources, and in larger systems creating a “denial-of-service
attack” which is making a machine or network resource unavailable to
those attempting to reach it. Example: Google, AOL, Yahoo or your
business network becoming unavailable.
• Backdoors: Backdoors are much the same as Trojans or worms,
except that they open a “backdoor” on a computer, providing a
network connection for hackers or other Malware to enter or for
viruses or SPAM to be sent.
• Ransomware: If you see this screen that warns you that you have
been locked out of your computer until you pay for your cybercrimes.
Your system is severely infected with a form of Malware called
Ransomware. Even if you pay to unlock the system, the system is
unlocked, but you are not free of it locking you out again.

7
 Email Virus
An email virus is defined as an email that consists hidden malicious
program that affects the system. The malicious program inside the email
gets activated once the user opens the malicious attachments with emails
or when clicking on infected links. Email viruses are also used in order to
bring the server down by continuously sending multiple spam emails.
These spam emails are designed by hackers in such a way that they are
difficult to detect by the users. The email virus not only affects the victim’s
system but all the systems in the address book of the victims.
Email virus consists of executable files that have extensions such as .exe,
.pdf, .dot, .com, .xls, .scr
How Does Email Virus Harm?
• Steal the personal data present in the system or device.
• Crash the system.
• Execute attacks such as ransomware .
• Marks the system of the victim as a botnet .
• Create continuous unwanted pop-ups.
Types of Email Virus
An email virus is spread across multiple systems through some common
methods such as:
1. Spam Emails
The most common method for the spread of email viruses is spam emails.
These emails are prepared in such a way that they look as of they are
legitimate and useful emails. The email consists of links for redirections
and the victim cannot resist clicking them. The subjects that are prepared
are useful and attractive. For example, subjects regarding interview calls
offers on purchases, etc. Once the user clicks on malicious links provided
within the email the malicious program gets installed in the system.
2. Hoax Mails
Hoax Mail Virus are emails that consist of warnings and alert-related
content. The main aim of Hoax mail is to panic the victims. The email is
attached with security precautions for viruses and hacks. They advise
installing the attachments for providing security and once the attachments
are installed the malicious program gets access to the systems.
3. Whaling/Business Email Compromise
Whaling is an email virus for organizational institutions. whaling is majorly
used for scam. The email looks like a genuine email and is sent to the
person who looks for transactions in the organization. The draft consists
of sending the specified amount of money for some mentioned reasons.
whaling commonly takes place with big organizations.
4. Ransomware
Ransomware encrypts the victim’s data and then demands payment to get
it decrypted. It is typically distributed through emails. Attacks using

8
ransomware typically have a financial motivation, and in contrast to other
forms of attacks, the victim of a ransomware assault is typically informed
of an exploit and provided instructions on how to recover from the attack.
5. Phishing
Phishing is the practise of tricking victims into divulging sensitive
information such as logon data or other information so that criminals can
use it or sell it for their own evil objectives. A socially crafted message and
an authentic-looking sender are the typical components of a phishing
attempt
Macro Virus
Macro viruses a malicious code specifically designed by the hacker or
attacker using the macro language (A language that is used to build
applications such as Microsoft Word, Excel, or PowerPoint). Macro
viruses attach themselves to documents and spreadsheets, and when
these files are opened or edited, they infect other documents as well. The
dangerous thing about macro viruses is that they can infect any computer,
regardless of the operating system it runs on. This means that whether
your computer is running Windows, macOS, or Linux, it is vulnerable to a
macro virus attack.

Malicious Software
The words “Malicious Software” coin the word “Malware” and the meaning
remains the same. Malicious Software refers to any malicious program that
causes harm to a computer system or network. Malicious Malware
Software attacks a computer or network in the form of viruses, worms,
trojans, spyware, adware or rootkits.

Their mission is often targeted at accomplishing unlawful tasks such as

robbing protected data, deleting confidential documents or add software
without the user consent.

Different Types Of Malicious Software

Computer Virus

A computer virus is a malicious software which self-replicates and attaches

itself to other files/programs. It is capable of executing secretly when the
host program/file is activated. The different types of Computer virus are
Memory-Resident Virus, Program File Virus, Boot Sector Virus, Stealth
Virus, Macro Virus, and Email Virus.

9
Worms

A worm is a malicious software which similar to that of a computer virus is a

self-replicating program, however, in the case of worms, it automatically
executes itself. Worms spread over a network and are capable of launching
a cumbersome and destructive attack within a short period.

Trojan Horses

Unlike a computer virus or a worm – the trojan horse is a non-replicating

program that appears legitimate. After gaining the trust, it secretly performs
malicious and illicit activities when executed. Hackers make use of trojan
horses to steal a user’s password information, destroy data or programs on
the hard disk. It is hard to detect!

Spyware/Adware

Spyware secretly records information about a user and forwards it to third

parties. The information gathered may cover files accessed on the
computer, a user’s online activities or even user’s keystrokes.

Adware as the name interprets displays advertising banners while a

program is running. Adware can also work like spyware, it is deployed to
gather confidential information. Basically, to spy on and gather information
from a victim’s computer.

Rootkit

A rootkit is a malicious software that alters the regular functionality of an

OS on a computer in a stealthy manner. The altering helps the hacker to
take full control of the system and the hacker acts as the system
administrator on the victim’s system. Almost all the rootkits are designed to
hide their existence.

Denial of Service and Prevention

Denial of Service (DoS) is a cyber-attack on an individual Computer or Website
with the intent to deny services to intended users. Their purpose is to disrupt an
organization’s network operations by denying access to its users. Denial of service
is typically accomplished by flooding the targeted machine or resource with
surplus requests in an attempt to overload systems and prevent some or all
legitimate requests from being fulfilled. For example, if a bank website can handle
10 people a second by clicking the Login button, an attacker only has to send 10
fake requests per second to make it so no legitimate users can log in. DoS attacks
exploit various weaknesses in computer network technologies. They may target
servers, network routers, or network communication links. They can cause

10
computers and routers to crash and links to bog down. The most famous DoS
technique is the Ping of Death. The Ping of Death attack works by generating and
sending special network messages (specifically, ICMP packets of non-standard
sizes) that cause problems for systems that receive them. In the early days of the
Web, this attack could cause unprotected Internet servers to crash quickly. It is
strongly recommended to try all described activities on virtual machines
rather than in your working environment.
Following is the command for performing flooding of requests on an IP.
ping ip_address –t -65500
HERE,
• “ping” sends the data packets to the victim.
• “ip_address” is the IP address of the victim.
• “-t” means the data packets should be sent until the program is stopped.
• “-l(65500)” specifies the data load to be sent to the victim.
Other basic types of DoS attacks involve.
• Flooding a network with useless activity so that genuine traffic cannot get
through. The TCP/IP SYN and Smurf attacks are two common examples.
• Remotely overloading a system’s CPU so that valid requests cannot be
processed.
• Changing permissions or breaking authorization logic to prevent users from
logging into a system. One common example involves triggering a rapid series
of false login attempts that lockout accounts from being able to log in.
• Deleting or interfering with specific critical applications or services to prevent
their normal operation (even if the system and network overall are functional).

Threat to E-Commerce
E-Commerce refers to the activity of buying and selling things over the internet. Simply,
it refers to the commercial transactions which are conducted online. E-commerce can be
drawn on many technologies such as mobile commerce, Internet marketing, online
transaction processing, electronic funds transfer, supply chain management, electronic
data interchange (EDI), inventory management systems, and automated data collection
systems.

E-commerce threat is occurring by using the internet for unfair means with the intention
of stealing, fraud and security breach. There are various types of e-commerce threats.
Some are accidental, some are purposeful, and some of them are due to human error.
The most common security threats are an electronic payments system, e-cash, data
misuse, credit/debit card frauds, etc.

11
Electronic payments system:
With the rapid development of the computer, mobile, and network technology, e-
commerce has become a routine part of human life. In e-commerce, the customer can
order products at home and save time for doing other things. There is no need of visiting
a store or a shop. The customer can select different stores on the Internet in a very short
time and compare the products with different characteristics such as price, colour, and
quality.

The electronic payment systems have a very important role in e-commerce. E-

commerce organizations use electronic payment systems that refer to paperless
monetary transactions. It revolutionized the business processing by reducing paperwork,
transaction costs, and labour cost. E-commerce processing is user-friendly and less time
consuming than manual processing. Electronic commerce helps a business organization
expand its market reach expansion. There is a certain risk with the electronic payments
system.

Some of them are:

The Risk of Fraud

An electronic payment system has a huge risk of fraud. The computing devices use an
identity of the person for authorizing a payment such as passwords and security
questions. These authentications are not full proof in determining the identity of a
person. If the password and the answers to the security questions are matched, the
system doesn't care who is on the other side. If someone has access to our password or
the answers to our security question, he will gain access to our money and can steal it
from us.

The Risk of Tax Evasion

The Internal Revenue Service law requires that every business declare their financial
transactions and provide paper records so that tax compliance can be verified. The
problem with electronic systems is that they don't provide cleanly into this paradigm. It
makes the process of tax collection very frustrating for the Internal Revenue Service. It is
at the business's choice to disclose payments received or made via electronic payment
systems. The IRS has no way to know that it is telling the truth or not that makes it easy
to evade taxation.

The Risk of Payment Conflicts

In electronic payment systems, the payments are handled by an automated electronic
system, not by humans. The system is prone to errors when it handles large amounts of
payments on a frequent basis with more than one recipients involved. It is essential to
continually check our pay slip after every pay period ends in order to ensure everything
makes sense. If it is a failure to do this, may result in conflicts of payment caused by
technical glitches and anomalies.

12
E-cash
E-cash is a paperless cash system which facilitates the transfer of funds anonymously.
E-cash is free to the user while the sellers have paid a fee for this. The e-cash fund can
be either stored on a card itself or in an account which is associated with the card. The
most common examples of e-cash system are transit card, PayPal, GooglePay, Paytm,
etc.

E-cash has four major components-

1. Issuers - They can be banks or a non-bank institution.

2. Customers - They are the users who spend the e-cash.
3. Merchants or Traders - They are the vendors who receive e-cash.
4. Regulators - They are related to authorities or state tax agencies.

In e-cash, we stored financial information on the computer, electronic device or on the

internet which is vulnerable to the hackers. Some of the major threats related to e-cash
system are-

Credit/Debit card fraud

A credit card allows us to borrow money from a recipient bank to make purchases. The
issuer of the credit card has the condition that the cardholder will pay back the borrowed
money with an additional agreed-upon charge.

A debit card is of a plastic card which issued by the financial organization to account
holder who has a savings deposit account that can be used instead of cash to make
purchases. The debit card can be used only when the fund is available in the account.

Digital Signature
A digital signature is a mathematical technique used to validate the
authenticity and integrity of a message, software, or digital document.
1. Key Generation Algorithms: Digital signature is electronic signatures,
which assure that the message was sent by a particular sender. While
performing digital transactions authenticity and integrity should be
assured, otherwise, the data can be altered or someone can also act
as if he was the sender and expect a reply.
2. Signing Algorithms: To create a digital signature, signing algorithms
like email programs create a one-way hash of the electronic data which
is to be signed. The signing algorithm then encrypts the hash value
using the private key (signature key). This encrypted hash along with
other information like the hashing algorithm is the digital signature. This
digital signature is appended with the data and sent to the verifier. The
reason for encrypting the hash instead of the entire message or
document is that a hash function converts any arbitrary input into a
much shorter fixed-length value. This saves time as now instead of
signing a long message a shorter hash value has to be signed and
moreover hashing is much faster than signing.

13
3. Signature Verification Algorithms : Verifier receives Digital Signature
along with the data. It then uses Verification algorithm to process on
the digital signature and the public key (verification key) and generates
some value. It also applies the same hash function on the received
data and generates a hash value. If they both are equal, then the
digital signature is valid else it is invalid.
The steps followed in creating digital signature are :
1. Message digest is computed by applying hash function on the
message and then message digest is encrypted using private key of
sender to form the digital signature. (digital signature = encryption
(private key of sender, message digest) and message digest =
message digest algorithm(message)).
2. Digital signature is then transmitted with the message.(message +
digital signature is transmitted)
3. Receiver decrypts the digital signature using the public key of
sender.(This assures authenticity, as only sender has his private key
so only sender can encrypt using his private key which can thus be
decrypted by sender’s public key).
4. The receiver now has the message digest.
5. The receiver can compute the message digest from the message
(actual message is sent with the digital signature).
6. The message digest computed by receiver and the message digest
(got by decryption on digital signature) need to be same for ensuring
integrity.
Message digest is computed using one-way hash function, i.e. a hash
function in which computation of hash value of a message is easy but
computation of the message from hash value of the message is very
difficult.

14
Assurances about digital signatures
The definitions and words that follow illustrate the kind of assurances that
digital signatures offer.
1. Authenticity: The identity of the signer is verified.
2. Integration: Since the content was digitally signed, it hasn’t been
altered or interfered with.
3. Non-repudiation: demonstrates the source of the signed content to all
parties. The act of a signer denying any affiliation with the signed
material is known as repudiation.
4. Notarization: Under some conditions, a signature in a Microsoft Word,
Microsoft Excel, or Microsoft PowerPoint document that has been time-
stamped by a secure time-stamp server is equivalent to a notarization.
Benefits of Digital Signatures
• Legal documents and contracts: Digital signatures are legally
binding. This makes them ideal for any legal document that requires a
signature authenticated by one or more parties and guarantees that the
record has not been altered.
• Sales contracts: Digital signing of contracts and sales contracts
authenticates the identity of the seller and the buyer, and both parties
can be sure that the signatures are legally binding and that the terms of
the agreement have not been changed.
• Financial Documents: Finance departments digitally sign invoices so
customers can trust that the payment request is from the right seller,
not from a bad actor trying to trick the buyer into sending payments to
a fraudulent account.
• Health Data: In the healthcare industry, privacy is paramount for both
patient records and research data. Digital signatures ensure that this
confidential information was not modified when it was transmitted
between the consenting parties.
Drawbacks of Digital Signature
• Dependency on technology: Because digital signatures rely on
technology, they are susceptible to crimes, including hacking. As a
result, businesses that use digital signatures must make sure their
systems are safe and have the most recent security patches and
upgrades installed.
• Complexity: Setting up and using digital signatures can be
challenging, especially for those who are unfamiliar with the
technology. This may result in blunders and errors that reduce the
system’s efficacy. The process of issuing digital signatures to senior
citizens can occasionally be challenging.
• Limited acceptance: Digital signatures take time to replace manual
ones since technology is not widely available in India, a developing
nation.

15