Electronic certificates – why?
– To control access to the company’s information systems (extranet, intranet, Internet etc.). Combined with a secure access service, the certificate can replace the vulnerable combination of a login and a password for stronger authentication. A safeguard against phishing, the certificate avoids identity theft.
– To sign documents electronically (combined with an electronic signature application). Electronic signature represents a person’s commitment to the content of a document, guaranteeing the integrity of the document and the identity of the signatory.
– To encrypt data transmitted and guarantee its confidentiality.
Technical principle of electronic certification
The electronic certificate is based on asymmetric cryptography, which uses a public key, made publicly available, and a private key, kept secret:
– a message encrypted with a public key is only legible by the owner of the corresponding private key;
– conversely, a message encrypted with the private key will be legible by everyone who has the public key.
This key system guarantees the identity of the user. The keys are supplied on physical media or in software.