How to Add a Digital Signature to Your Document using DSC?
New to digital signatures? Read What They Are, Why They Matter, and Which Type to Use first>
DSC (Digital Signature Certificate) signing uses a physical USB hardware token to cryptographically sign your document. It provides the highest level of legal standing available for digital signatures in India.
The signing flow on Refrens is similar to Certified eSign, with a few additional prerequisites and a one-time setup step on the first signing.
Prerequisites
Ensure all of the following are in place before initiating a DSC signing request:
1. Class 3 DSC on a supported USB token
You must have a valid Class 3 DSC issued on an ePass2003 Auto or HYP2003 USB token. If you already use your DSC for GST filing, MCA submissions, or income tax e-filing, you can use the same token - provided it is one of the two supported models.
Note: Class 2 DSC was discontinued by the Government of India in January 2021. Only Class 3 is valid.
2. Java 1.7 or 1.8
The signing process requires Java version 1.7 or 1.8 installed on the machine used for signing. Refrens will provide a download link for the correct version. Install it before proceeding.
3. Use Chrome, Firefox, or Internet Explorer
DSC signing must be performed in one of these browsers: Google Chrome, Mozilla Firefox, or Internet Explorer. Other browsers are not supported for the signing flow.
Step-by-step
Step 1: Select signature type while creating the document
When creating a new document (invoice, quotation, purchase order, or any supported type), find the Signature section in the document form > Set the signature type to Digital > Save and complete the document:

Note: The signature type must be set before the document is saved. Any subsequent change to the document will invalidate an existing digital signature.
Step 2: Open the Signature Details accordion on the preview page
Once the document is saved, go to the document preview page. On the right sidebar, find the Signature Details accordion and expand it.

Click Add Signature. A modal will open:

In the modal, confirm or update:
● Signer's name: as it should appear on the signature
● Signer's email: the OTP will be sent here
● Signature type: select DSC
Once you click Submit, 1 signature credit will get consumed, and a signing link will get generated:

Step 3: Share the signing link
The signing link is not emailed to the signer automatically. Copy the link and share it with the signer.
The signing link is valid for 10 days. It cannot be extended.
Step 4: Signer verifies identity
When the signer opens the link, they are redirected to Digio (the signing platform).
Here, You can either do a Google login OR send a code to your email to authenticate your email:

If you click on "Send Code to Email", you will recieve the code on your email from digio:

Just submit the code to complete the authetication:

Step 5: First-time setup - DigioSmartClient installation
This step applies only on the first DSC signing. After identity verification, when the signer clicks Proceed to Sign, Digio will prompt to install DigioSmartClient:

Step 1: Allow digio to access other apps and services on your device
Step 2: Install DIgio Smart Client application from Windows Administrator. Your system's security settings and any antivirus or firewall software must permit the download and installation of DigioSmartClient and the USB token drivers. If downloads are blocked by a corporate policy or security software, get permission from your IT administrator before proceeding.
Step 3: Keep your DSC token connected to your device and install driver

**Step 4: **Once drivers are installed, Digio will prompt to enter your DSC token pin, to sign the document

***Note: ***On all subsequent signings, DigioSmartClient is already installed. Just connect the USB token, open the signing link, verify via OTP, and the DSC is detected automatically.
Step 6: Confirm on Refrens
Once signed, return to the document on Refrens and refresh the page. The document will now show a Digitally Signed note confirming the signature is in place:

When the document is downloaded or shared — by email, WhatsApp, or any other channel — the signed version of the PDF is shared automatically:

Signing history and audit trail

The Signature Details accordion maintains a complete signing history. For each signing request, it shows:
● Signer name and email
● Signature type
● Status (pending / signed / cancelled / expired)
● Signed At (date and time)
● A link to copy the signing URL (if the request is still active)
All previous signed versions remain available in this table. They can be downloaded at any time for audit purposes.
What invalidates the digital signature

Previously signed versions are preserved in the signing history and remain downloadable even after the signature is invalidated.
Managing signing requests

● To cancel an active signing request before it is signed: use the cancel option available in the signing history table.
● To re-share the link: copy it from the signing history table.
● If a request expires (10 days): initiate a new signing request from the accordion. One additional credit is consumed.
Verifying the signed PDF
The signed PDF has the signer's DSC certificate embedded directly in it. Anyone who receives the document can verify it using any standard PDF reader - Adobe Acrobat Reader, Foxit Reader, or similar. No Refrens account or special software is needed.
To verify: open the signed PDF and click on the signature area. The PDF reader will show a Signature Validation Status panel alongside a signature details panel:

Frequently asked questions
Which USB tokens are supported?
Only ePass2003 Auto and HYP2003 tokens are supported. If your DSC is issued on a different token model, it will not work with the signing flow on Refrens.
Is the signing link emailed to the signer automatically?
No. The signing link is generated and available in the signing history table. You need to copy and share it with the signer manually.
Which browser should I use for DSC signing?
Google Chrome, Mozilla Firefox, or Internet Explorer. Other browsers are not supported.
My DSC certificate has expired. Are documents I signed earlier still valid?
Yes — if the document was signed while the certificate was valid, a trusted timestamp is embedded in the signed PDF at the time of signing. This timestamp proves the signature was applied before expiry. Open the signed PDF in Adobe Reader and check the signature panel to verify.
Can I use the DSC I already use for GST or income tax filing?
Yes, as long as it is a Class 3 DSC on an ePass2003 Auto or HYP2003 token. The same certificate used for government filings works here — no additional DSC is needed.
The signer is in a different location. Can they sign remotely?
Yes. The signer needs the USB token physically connected to their machine, Java 1.7 or 1.8 installed, and a supported browser. Share the signing link with them and they complete the process independently.
What if I edit the document after signing?
The signature is invalidated and all pending requests are cancelled. A warning appears before the edit is saved. The previous signed PDF remains accessible in the signing history table.
**Is the token PIN sent to Refrens or Digio? **
No. The PIN is entered locally to unlock the USB token and is never transmitted to Refrens or Digio.
Why does "DS DIGIOTECH SOLUTIONS PRIVATE LIMITED" appear when I verify the signature?
This is expected. In Certified eSign, Digio's platform certificate is used to seal the document — so the PDF reader shows Digio's name, not the signer's. This confirms the document hasn't been tampered with and the signing process was completed correctly.
The signer's actual identity — their name, email, OTP verification, IP address, and timestamp — is visible on the signature itself on the document page.
Prefer to sign without hardware? See How to Add a Digital Signature using Certified eSign>
Updated on: 17/06/2026
Thank you!
