F. No. 4/8/2008 – EO(PR)

राजीव कुमार
RAJIV KUMAR
स्थापना अधिकारी
और अतिरिक्त सचिव
ESTABLISHMENT OFFICER
& ADDITIONAL SECRETARY
Tel. : 23092370
Fax : 23093142

भारत सरकार
कार्मिक और प्रशिक्षण विभाग
कार्मिक, लोक शिकायत तथा पेंशन मंत्रालय
नोर्थ ब्लाक, नई दिल्ली – 110001
GOVERNMENT OF INDIA
DEPARTMENT OF PERSONNEL & TRAINING
MINISTRY OF PERSONNEL, PUBLIC GRIEVANCES
AND PENSIONS
NORTH BLOCK, NEW DELHI – 110001

Dated, the 21st April, 2015

To

Cadre Controlling Authorities,
(as per the enclosed list.)

Sir/Madam,

As you are aware, recording of Performance Appraisal Report is undertaken annually as it provides the basic and vital inputs for development of an officer. The PARs of All India Services and other Group ‘A’ Central Services’ officers are written as per schedule/timelines enshrined in the relevant rules of the Service. The Performance Appraisal Reports not recorded within prescribed schedule/timelines are treated as ‘time barred’ and where dates are not indicated by the officer reported upon, reporting/reviewing/accepting authority, such PARs are taken on record assuming that these would have been recorded in time and dates were left inadvertently. Instances, however, have been coming to the notice where such gaps are exploited by ante-dating self assessment or remarks being left undated intentionally.

1. With a view to address these issues, online reporting was introduced with effect from 1st April, 2014 for the assessment year 2013-14 in respect of IAS officers on pilot basis. For this, an application christened as SPARROW (Smart Performance Appraisal Report Recording Online Window) was developed by NIC based on the inputs/comments of all stakeholders. During the year 2013-14, 5150 PARs were generated online. Out of these, a substantial number of PARs were completed online and reached the respective dossier of officers in SPARROW. Cadre Controlling Authorities, officers concerned and DoPT can access these dossiers and download the PARs as per the requirements. Thus in addition to addressing the unsavory practices of ante-dating, remarks being left undated intentionally, following advantages have also accrued as a result of online recording:

(a) More probity and transparency in recording of PARs.

(b) No loss of PARs in transition.

(c) Better monitoring and timely completion.

(d) Easy and immediate access to the dossiers by unauthorized users.

…2/-

-2-

1. Considering the success of online reporting in respect of IAS officers, it is proposed to roll out online filing to other two All India Services and Group ‘A’ Central Services participating in Central Staffing Scheme to address similar issues.

2. The Cadre Controlling Authorities are, therefore, requested to obtain approval of Competent Authority and simultaneously make preparations as indicated in annexure I for introduction of online recording. Demonstration of the operation and functioning of SPARROW is proposed to be organized separately, for which a communication would be sent in due course. The software can be tweaked/customized by NIC as per the requirement of the Services based on their feedback/inputs.

3. Meanwhile to begin with, all Members of the Service may be sensitized to get NIC email id and password as access to the application would be through NIC-email id which would have to be registered first. In order to authenticate the PAR, each officer/authority involved in the channel of reporting would have to be issued/provided Digital Signature. Letter of Secretary (DEITY) about the launch of eSign-which is an online service without using physical dongles that offers application service providers the functionality to authenticate signers and perform the digital signing of documents using Aadhar e-KYC service, is also enclosed as annexure II.

4. I would request the Departments to get in touch with the Controller of Certifying Authorities, DEITY and project the requirements for issue of Digital Signature to its officers. A line of confirmation of the follow up on above would be highly appreciated.

With regards,

Yours sincerely,

(Rajiv Kumar)

EO and AS

Copy to: J.S.(E)

J.S.(AT & T)

List of activities for application to become operational

Note:

The list of activities has been prepared based on the implementation of SPARROW and the requirements may vary as per the actual software which would be developed by NIC for the Service.

Annexure II

303 303 2000

R.S. Sharma

Secretary

SECRETARY

TO: SRI RISHI STAFFING AGENCY

CONSULTANT TO: RISHI STAFFING AGENCY

Government of India

Ministry of Communications & Information Technology

Department of Electronics & Information Technology (DeitY)

DO No. 12(04)/2014-CCA(Pt.4)

26th February, 2015

Dear Secretary,

The Office of CCA has been set up under the Information Technology (IT) Act, 2000 to facilitate the Electronic Signature environment and the functions of Certifying Authorities (CA). More than 90 lakh Digital Signature Certificates (DSC) have been issued by these CAs. These DSCs are being used in a number of applications including Real Time Gross Settlement System & Structured Financial Messaging System of the RBI, filing of company returns with the Ministry of Corporate Affairs, filing of Income Tax returns, issue of import/export licenses by DGFT, eProcurement, share trading and by the Booking Agents for Indian Railways among others.

1. For obtaining a DSC, a person’s identity verification is a mandatory requirement. The verification process is currently paper-based, which is an impediment to scaling up the usage of this facility to a large segment of the population. Moreover, requirement of a FIPS compliant token for generation of signatures is also a lengthy process. A simple to use online service is required to allow everyone to have the ability to digitally sign electronic documents.

2. eSign is an online service that can be integrated within various service delivery applications to facilitate digitally signing a document by an Aadhaar holder. It is designed for applying Digital Signature using authentication of consumer through Aadhaar authentication and e-KYC service. The key generation and document signing is an integral part of the single process.

3. The eSign Service is proposed to be launched in near future. This is expected to result in a quantum leap in the way citizens interact with the Government for availing eGovernance Services.

4. A copy of the Brochure that has been prepared in this regard is attached for your information. Further details of the service can be visited at http://cca.gov.in/esign.

C. GOVERNMENT DEPARTMENT OF TECHNOLOGY / ELECTRONICS NINETAL, C.G.O. Complex, New Delhi-110003

Tel.: 011-24364041 / Fax: 24363134 / email: secretary@md.gov.in

1. I request you to consider integration of cSign into applications that are already operational or in the pipeline in your Department. Any query on this can be routed to Shri T A Khan (intoxicea.gov.in), Controller of Certifying Authorities, in this department.

With regards,

Yours sincerely,

(RS Sharma)

Encl: As above.

To

Secretaries of All Ministries/Departments, Government of India.

eSign – Online Digital Signature Service

Introduction

Currently personal digital signature requires person’s identity verification and issuance of USB dongle having private key, secured with a password/pin. Current scheme of physical verification, document based identity validation, and issuance of physical dongles does not scale to a billion people. For offering fully paperless citizen services, mass adoption of digital signature is necessary. A simple to use online service is required to allow everyone to have the ability to digitally sign electronic documents.

The eSign Service

eSign is an online service that can be integrated within various service delivery applications via an open API to facilitate digitally signing a document by an Aadhaar holder. It is designed for applying Digital Signature using authentication of consumer through Aadhaar authentication and e-KYC service.

• Easy and secure way to digitally sign information anywhere, anytime – eSign is an online service without using physical dongles that offers application service providers the functionality to authenticate signers and perform the digital signing of documents using Aadhaar e-KYC service.
• Facilitates legally valid signatures – eSign process involves consumer consent. Digital Signature Certificate generation, Digital Signature creation and affixing and Digital Signature Certificate acceptance in accordance with provisions of Information Technology Act. It enforce compliance, through API specification and licensing model of APIs and comprehensive digital audit trail is established to confirm the validity of transactions, are also preserved.
• Flexible and easy to implement – eSign provides configurable authentication options in line with Aadhaar e-KYC service and also record Aadhaar id to verify the identities of signers. The signature option includes biometric or OTP authentication (optionally with PIN) through a registered mobile in the Aadhaar database. eSign enables millions of Aadhaar holders an easy way to access legally valid Digital Signature service.
• Respecting privacy – eSign ensure the privacy of the consumer by submitting only the thumbprint (hash) of the document for signature function instead of whole document.
• Secure online service – The eSign Service is governed by e-authentication guidelines. While authentication of the signer is carried out using Aadhaar e-KYC, the signature on the document is carried out on a backend server, which is the e-Sign provider. eSign services are offered by trusted third party service provider, currently Certifying Authority. To enhance the security and prevent misuse, certificate holder private keys are created on Hardware Security Module (HSM) and destroyed immediately after one time usage.

eSign Overview

eSign API and Gateway – eSign Application Programming Interfaces (APIs) define the major architectural components and also describe the format and elements of communication among the stake holders like Application Service Provider, Certifying Authorities, Trusted Third parties, Aadhaar e-KYC service and Application Gateway. This Standard eSign enable Application Service Providers to integrate eSign API in their Application with less effort. CDAC is functioning as eSign Gateway provider.

Who and where can use eSign – eSign have flexible subscription Model for individual users, business entities and Governments. eSign based on OTP (optionally with PIN) level authentication is suitable where risks and consequences of data compromise are low but they are not considered to be of major significance. eSign based on Biometric (Fingerprint/Iris) level authentication ideal for and risks and consequences of data compromise are moderate. This may include transactions having substantial monetary value or risk of fraud, or involving access to private information where the likelihood of malicious access is substantial.

Use Cases- eSign online Electronic Signature in Applications

eSign online Electronic Signature Service can be effectively used in scenarios where signed documents are required be submitted to Service Providers- Government, Public or Private sector. The agencies which stand to benefit from offering eSign online electronic signatures are those that accept large number of documents from users. Some applications which can use eSign for enhancing services delivery are the following:-

Use Case – eSign online Electronic Signature in Applications
Digital Locker
Tax
Financial Sector
Transport Department
Various Certificates
Passport
Telecom
Educational
Member of Parliament

• Self attestation
• Application for Tax ID, e-filing
• Application for account opening in banks and post office
• Application for driving licence renewal, vehicle registration
• Application for birth, caste, marriage, income certificate etc
• Application for issuance, reissue
• Application for new connection
• Application forms for course enrolment and exams
• Submission of parliament questions

CONTROLLER OF CERTIFYING AUTHORITIES
6, CGO Complex, Electronics Niketan, Lodhi Road, New Delhi-110 003
E-mail: info@cca.gov.in Website: www.cca.gov.in