DSC Management Guidelines (Applicable only for CRM/HR/Admin/Tech & Testing team of ASL)
Details
| Date | Version | Status | Information Classification | Document Template ID | Document No |
|---|---|---|---|---|---|
| 08-01-2020 | 1.3 | Approved | Internal | AMS DOC | AMS-CP-07 |
Revision History
| Date | Version | Description | Author | Reviewed by | Approved by | Approved date |
|---|---|---|---|---|---|---|
| 18-07-2016 | 1.0 | Initial Version | Binu Praveen | Rukmani | Rukmani | |
| 08-08-2016 | 1.1 | Reviewed for approval | Ramanujan | |||
| 04-08-2017 | 1.2 | Reviewed No Changes | ||||
| 03-01-2020 | 1.3 | Updated to include DSC Issue and Destruction of token sections | Binu, Usha | Shaila, Rukmani | Manohar | 08-01-2020 |
Acronym Used
| Acronym | Expanded Form |
|---|---|
| DSC | Digital Signature Certificate |
| RF | Request Form |
Process for Obtaining the DSC (Token and Certificate)
RF needs to be raised by the concerned person along with the approval of HOD.
Same needs to be forwarded to purchase/admin department (HR &Purchase) and from there it need to be forwarded to front office team.
Front office team to coordinate with the respective BD/CRM team member/concerned user for the documentation and follow the steps related to "DSC issue ".
Records to be updated and maintained by the Purchase/admin team in ISO server in the format given below "DSC Report"(Ref: Point 5 in this document).
For new employees joining the organization the DSC will be issued from HR after taking an acknowledgement for filing purposes.
Renewal of expire DSC (to the existing token)
RF needs to be raised by the concerned person along with the approval of HOD.
Same needs to be forwarded to purchase department and from there to front office team
Front office team to coordinate with the respective BD/CRM team member/concerned user for the documentation and follow the steps related to "DSC issue ".
Records to be updated and maintained by the Purchase/admin team in ISO server in the format given below "DSC Report "(Ref: Point 5 in this document).
DSC issue
DSC is processed in two different forms accordingly.
Through Application form
Through KYC paperless
Steps followed while issuing DSC through Application form
Application form (Capricorn/ E-mudhra) individual is provided to the concerned user by the front office team.
User will fill the form and provide the documents specified in the form.
Front office team will verify the documents and the form and will process the application through the link (E-mudhra/Capricorn).Challenge code for downloading the certificates will be specified by the front office team only while processing the application which is to be remembered.
Once the application is processed, Application ID will be generated accordingly (Signature/Encryption or both), and verification links will be sent automatically to their respective Mobile no's and Email id's.
Front office team will drop a mail to the user saying that application has been processed with this application id and the verification links has been sent. Kindly complete the Mobile verification, email verification and video verification.
Once this verifications are completed, stock is allocated according to the class type and certificate required.
Application and documents hard copy is scanned, uploaded in the pre-check process and sent for approval.
Once the documents are approved by the partner with the user verification process, certificate will be ready to download.
Front office team will download the certificates with challenge code using eMclick /cash solution to the token (epass/safenet) and hand over the token with delivery challan containing the password details in it.
Steps followed while issuing DSC through KYC paperless
Once RF is received by the front office team, he/ she will ask the user to provide the Aadhaar card number registered with present mobile number.
Front office team will login to the portal (Emudhra/Capricorn) and select the paperless option.
Then the details of the user will be fetched using Aadhaar number logging to MY Aadhaar - Aadhaar paperless offline e-kyc option.
Then OTP will be generated to the user to confirm the mobile number and Aadhaar will be downloaded.
Then DSC application details will be updated once the downloaded aadhaar is uploaded and challenge code is specified by the front office team member.
DSC certificate details (Class type& validity) is selected and submitted .
Application id will be generated and verification links will be sent to mobile number, email id.
Once mobile verification, video verification is completed, stock is allocated according to the class, type and certificate required.
Then front office team send the application for approval from the partner. Once it is approved it will be ready to download.
Front office team will download the certificates with challenge code using eMclick /cash solution to the token (epass/safenet) and hand over the token with delivery challan containing the password details in it.
Revocation of DSC
Reasons for revocation should fall under anyone of the below scenarios. Any other scenarios other than the below will be charged to the concerned user.
Employee is leaving the organization
For Testing purposes
Employee has been moved to different department/project and no further use of DSC Key.
Employee lost the DSC
Hardware malfunction
DSC Report
- DSC Report data format is as follows:
| SL.No | Employee No | Employee Name | Department | Request date | New/Renewal | Type and Class of DSC (Emudhra/Capricorn) | HW token(Yes/No) | Certificate serial no | Issued Date | Expiry Date |
|---|---|---|---|---|---|---|---|---|---|---|
Return/Destruction of DSC
DSC keys are returned to the In-charge of that department by the user/s,
Damaged DSC keys are disposed through eWaste.
ISO27001 Control References
A.10.1.1
A.10.1.2
Implementation Artifacts
| Srl. | Template ID | Artifact Name |
| AMS-CF-09 | Request Form |