Digital certificates are digitally encrypted storage vehicles for transporting personal information, especially digital signatures, over the Internet. They are appended as attachments to electronic communications in order to verify the identity of the sender and provide the tools necessary for the recipient to encode a response. The thrust of the technology is to provide individuals engaging in online transactions with authentic digital credentials for use over the Internet, and to secure those credentials in the transaction over multiple servers.
The appeal of digital certificates in e-commerce is obvious. They greatly enhance the security and speed of online transactions, making the Internet's instantaneous sales and communications possibilities more viable. In the early 2000s, digital certificates were a primary means for the advancement of Web-based commerce. They validate the user at the point of purchase, streamlining the transaction process by eliminating the need for third-party validation. The information contained in the certificate includes the user's name and e-mail address, expiration data, a serial number, and the name of the certificate authority that issued the certificate.
Certificates are granted upon successful application to a certificate authority, and are sent via electronic communication, usually e-mail. Issuers generally devise a certification practice statement to clarify the conditions upon which the authority authenticates the individual. Upon receiving the certificate, the user has the information verified by a notary, after which the certificate can be used officially for electronic transactions, acting as a legally binding electronic signature. Public-key infrastructure encryption methods are used to electronically mask signatures during transmission, simultaneously providing the recipient with a method for decrypting the signature and encrypting a reply.
Digital certificates were developed by Salt Lake City-based Zions First National Bank in conjunction with the American Bankers Association. The organizations launched a pilot program with the U. S. Social Security Administration in the late 1990s in which hundreds of companies filed their Social Security reports online using digital certificates. The tremendous success of the program opened the door for wider interest and application. In summer 2000, President Bill Clinton signed into law, using a digital certificate, the Electronic Signatures in Global & National Commerce Act. This legislation heralded a turning point, particularly for online banking, which had been forestalled by concerns over the security and authentication of online financial transactions. By making these digital signatures legally binding and secure, Web-based banking was expected to finally begin fulfilling its tremendous promise.
The early 2000s witnessed a flurry of new technologies aimed at facilitating the wider application and integration of digital certificates, such as Web forms designed to accept certificates. Other developments included storage space for digital certificates in secure central directories. Traditionally, digital certificates requiring desktop software didn't transfer easily between different kinds of computers or browsers. The process for utilizing digital certificates across different operating systems or browsers was cumbersome, generally involving a separate cryptography tool kit installed on a desktop. Downloading and storing certificates allows users to access their certificates from any remote location via the Internet. Security vendors such as RSA Security, Arcot Systems, Entrust Technologies, and VeriSign all rolled out versions of remote Web-based certificate storage and access in the early 2000s, according to Internetweek.
Digital certificates generally are stored as files on personal computer Web browsers and are protected by personal identification numbers (PINs), thereby verifying that communications come from particular users. However, some imperfections are implicit. For instance, a digital certificate essentially authenticates the computer, and not the individual using it. While users of digital certificates typically safeguard their machines with layers of personal verification for use, in addition to the PIN, certificates stored on computers are nonetheless susceptible to hackers. One highly touted solution to this difficulty was the augmenting of digital certificates with biometric technology, which verifies identity via personal characteristics such as fingerprints, retina, or voice.
Alternatively, certificates can be embedded on smart cards or similar devices. The latter method was becoming more common as computers were manufactured with built-in smart-card readers. This method affords the additional benefit of allowing users to employ the digital certificate both at their computer and, once the infrastructure is widely in place, in physical-world settings like automatic teller machines (ATMs) for credit and debit transactions.
Bielski, Lauren. "Digital Certificates Get Mobilized by 'E-Sign Act."' ABA Banking Journal. September, 2000.
Connolly, P. J. "Digital Certificates are Gaining Ground in Business." InfoWorld. October 16, 2000.
Hammell, Benjamin. "Are Digital Certificates Secure?" Communications News. December, 2000.
Harrison, Ann. "Digital Certificates." Computerworld. August 14, 2000.
Koller, Mike, and Rutrell Yasin. "Security Gets Some Legs: Digital ID Systems No Longer Hold Users Captive to a Single Browser, PC or Location." Internetweek. December 11, 2000.
O'Donnell, Anthony. "Security on the Internet: Who Goes There?" Insurance & Technology. January, 2001.
Streeter, Bill. "Will Banks Have a Role in e-Commerce? It's a 'Cert'ainty." ABA Banking Journal. September, 2000.
SEE ALSO: Banking, Online; Biometrics; Cryptography, Public and Private Key; Digital Certificate Authority; DigitalSignature; Digital Signature Legislation; Encryption
"Digital Certificate." Gale Encyclopedia of E-Commerce. . Encyclopedia.com. (September 25, 2017). http://www.encyclopedia.com/economics/encyclopedias-almanacs-transcripts-and-maps/digital-certificate
"Digital Certificate." Gale Encyclopedia of E-Commerce. . Retrieved September 25, 2017 from Encyclopedia.com: http://www.encyclopedia.com/economics/encyclopedias-almanacs-transcripts-and-maps/digital-certificate
Encyclopedia.com gives you the ability to cite reference entries and articles according to common styles from the Modern Language Association (MLA), The Chicago Manual of Style, and the American Psychological Association (APA).
Within the “Cite this article” tool, pick a style to see how all available information looks when formatted according to that style. Then, copy and paste the text into your bibliography or works cited list.
Because each style has its own formatting nuances that evolve over time and not all information is available for every reference entry or article, Encyclopedia.com cannot guarantee each citation it generates. Therefore, it’s best to use Encyclopedia.com citations as a starting point before checking the style against your school or publication’s requirements and the most-recent information available at these sites:
Modern Language Association
The Chicago Manual of Style
American Psychological Association
- Most online reference entries and articles do not have page numbers. Therefore, that information is unavailable for most Encyclopedia.com content. However, the date of retrieval is often important. Refer to each style’s convention regarding the best way to format page numbers and retrieval dates.
- In addition to the MLA, Chicago, and APA styles, your school, university, publication, or institution may have its own requirements for citations. Therefore, be sure to refer to those guidelines when editing your bibliography or works cited list.