Blog Details

Introduction

If you are an investigator, an advocate or an organisation that has to put digital material before an Indian court, sooner or later you will run into one question: how do you prove that a file, a log, a video or a disk image is genuine and unaltered? The answer in Indian law is the electronic evidence certificate. This page is a starting point — a single guide that explains why these certificates exist, how the law moved from Section 65B of the Indian Evidence Act to Section 63 of the Bharatiya Sakshya Adhiniyam, 2023, and the different kinds of certificate that suit different situations. Wherever a topic has its own detailed guide, we link to it so you can go deeper. Throughout, we point out how e-Dex (formerly Hash Calculator) helps you produce one.

Why an Electronic Record Needs a Certificate

A screenshot, an email export or a copy of a database is secondary evidence. The court cannot simply assume that the copy is a faithful, unaltered reproduction of what existed on the original device or system. The certificate bridges that gap: it identifies the source device or system, confirms it was operating properly, describes how the copy was acquired, and records the integrity values that let anyone re-check the file later. In plain terms, a certificate tells the court where the record came from and why it can be trusted.

From Section 65B IEA to Section 63 BSA 2023

For decades, electronic-evidence certificates in India were governed by Section 65B of the Indian Evidence Act, 1872. The Bharatiya Sakshya Adhiniyam, 2023 (BSA) replaced that Act, and the certificate requirement now lives in Section 63. The principle is continuous — both require a certificate — but the BSA modernised the language and introduced a Schedule with a prescribed certificate form split into Part A (completed by the party producing the record) and Part B (completed by an expert). Our dedicated explainer covers this in detail: Section 63 of the BSA 2023: producing a court-ready electronic evidence certificate.

The Building Blocks: Hashing, Signing and Timestamps

Three technical ideas sit under almost every good certificate. First, cryptographic hashing — a fixed-length fingerprint (MD5, SHA-256, SHA-512, BLAKE3 and others) computed over a file. Recompute it later and a match proves the file is bit-for-bit identical; change one byte and the hash changes completely. Second, a PAdES digital signature using a Digital Signature Certificate (DSC) on a USB token, which binds the deponent's identity to the document so any later edit is detectable. Third, an RFC-3161 trusted timestamp, which seals the exact moment the certificate was produced against an independent Time-Stamping Authority. For the integrity side specifically, see our evidence integrity certificate guide, and for signing and timestamping, see how to sign and timestamp a forensic certificate (PAdES + RFC-3161).

Integrity and Provenance: Two Different Jobs

It helps to separate two things a certificate can prove. Integrity is about whether a file has changed; provenance is about who handled it and how. To show a file was not altered between collection and court, you compare a hash taken before and after — see how to prove digital evidence was not altered (hash before and after). To show the documented history of custody — every person, place and step from seizure onward — see chain of custody for digital evidence (beyond hashing). A strong submission uses both together.

Different Kinds of Certificate for Different Situations

"Electronic evidence" covers a wide range of material, and the framing of the certificate shifts with the source. Below are the common situations, each with its own dedicated guide.

Forensic examination of a device or image. When an examiner analyses a seized computer or a forensic image and reports findings, the certificate documents the tools, methods and integrity values used. See the forensic examination certificate in India.

Mobile phone extractions. Call records, chats and app data pulled from a handset need a certificate that records the device, the extraction method and the integrity of the export. See the mobile evidence extraction certificate in India.

CCTV and video footage. Footage exported from a DVR or surveillance system is a frequent exhibit, and its certificate must tie the export to the original system and prove it has not been re-encoded or edited. See the court-ready CCTV / video evidence certificate.

Incident response. After a security incident, logs, memory captures and artefacts are collected under time pressure; a certificate records what was captured, when and with what integrity. See the incident response evidence certificate.

e-Discovery collections. In litigation and regulatory matters, large document sets are collected and produced; a certificate supports the defensibility of that collection. See the e-discovery collection certificate in India.

Cloud and SaaS evidence. When records are exported from cloud accounts or services, the certificate has to capture the source, the account and the export integrity. See the cloud evidence collection certificate.

Backups and archives. To show that a backup or archive faithfully represents the data at a point in time, the certificate records integrity values for the set. See the backup integrity certificate (proving data is unaltered).

Verifying a Certificate Later

A certificate is most useful when anyone — the opposing party, an examiner, a judge's assistant — can independently re-check it. Because e-Dex works offline and records standard hash values, a third party can recompute the hashes and confirm the signature without trusting any server. For a walkthrough, see how to verify a digital evidence certificate offline.

How e-Dex Fits In

e-Dex — the Digital Evidence Integrity Suite — is a Windows desktop application that takes you from file hash to court-ready certificate on a single machine. You add evidence files and let the tool hash them, fill in the case, device and acquisition details, and generate the certificate in the prescribed Section 63 Part A / Part B form (or the earlier framing for older records). Where required, you can sign it with a DSC and apply a trusted timestamp. Everything runs fully offline, so your evidence never leaves your computer. You can download e-Dex free and try the full workflow yourself.

A Note on Legal Advice

e-Dex helps you produce a well-structured, integrity-backed certificate; it is a tool, not a substitute for legal counsel. The precise wording, who must depose, and how a certificate is tendered depend on the facts of your matter and the current text of the statute and the Schedule. No tool can guarantee that evidence will be admitted — that remains a question for the court. Always read the provision as it stands and take advice where the stakes warrant it.

Frequently Asked Questions

Is an electronic evidence certificate mandatory in India?
When electronic records are tendered as evidence, Indian law expects them to be accompanied by a certificate. Section 63 of the Bharatiya Sakshya Adhiniyam, 2023 (the successor to Section 65B of the Indian Evidence Act, 1872) sets out this requirement, including a Schedule with a prescribed certificate form. The exact application depends on the facts and the court, so treat the provision as it stands and take legal advice where the stakes warrant it.

What is the difference between Section 65B IEA and Section 63 BSA 2023?
Both require a certificate to accompany electronic records. Section 65B belonged to the Indian Evidence Act, 1872, while Section 63 of the Bharatiya Sakshya Adhiniyam, 2023 is its successor under the new code. The BSA modernised the language and introduced a Schedule with a prescribed Part A / Part B certificate form. For matters spanning the changeover, the record's date generally determines which framing applies.

Does e-Dex need an internet connection to produce a certificate?
No. e-Dex runs fully offline on your own Windows machine, so evidence files and hashes never leave your computer. The only optional step that contacts the internet is requesting an RFC-3161 trusted timestamp from a Time-Stamping Authority; everything else, including hashing and certificate generation, works without a network connection.

What is the difference between a hash and a chain of custody?
A cryptographic hash is a digital fingerprint that proves a file has not changed between two points in time. A chain of custody is the documented history of who handled the evidence, when, and how, from collection to court. Hashing proves integrity; chain of custody proves provenance. A strong certificate uses both together.

Can a court-ready certificate guarantee that my evidence is admissible?
No tool can guarantee admissibility. e-Dex helps you produce a well-structured, integrity-backed certificate in the prescribed form, with hashing, optional PAdES signing and a trusted timestamp. Whether evidence is ultimately admitted depends on the facts, the deponent, how the record was collected and the court's view. e-Dex is a tool, not legal advice.

Conclusion

The electronic evidence certificate is what turns a raw file into evidence an Indian court can work with. Getting it right means understanding the move from Section 65B to Section 63, choosing the right kind of certificate for your situation, and backing it with reliable hashing, a real signature and a trusted timestamp. Use this guide as your map, follow the links to the topic you need, and when you are ready to build the certificate itself, download e-Dex — the Digital Evidence Integrity Suite and produce it from file hash to court-ready PDF on a single Windows machine.