Every time a user sends an email it travels across the internet or World Wide Web. It is called the World Wide Web because the internet is made up of thousands of servers or a ‘web of servers’. Each and every communication visits a minimum of 8 and a maximum of 32 servers before it reaches its intended destination. Each of these points of contact represents a security risk. Scripts, viruses, hackers and other devices can intercept the data at any time and can copy or alter it unnoticed.
Device-to-device authentication, two-factor authentication, transaction signing and the inherent ‘digital identity’ within the digital certificate means that you know who and what you’re communicating with.
Encrypting information is only one aspect of security, the other is knowing the identity of the person. If two people choose to communicate by email, how can they be sure that any of the communications were transmitted without being tampered with? Equally, if a website owner wants to be sure that only a specific user gains access to secured information, how can this assurance be provided?
The simple answer is that digital certificates are the digital equivalent of a passport or signature. By opening a user’s digital certificate much of the information that would be available in a passport or drivers license can be viewed in the certificate. The person’s name, the organisation that they work for (or the organisation that issued the certificate) and other information is clearly legible. A digital certificate cannot be compromised or ‘cracked’, this provides the assurance necessary to assure the recipient that the person is genuinely who they claim to be.