What is a digital certificate?

A digital certificate is the electronic version of an ID card, issued by a trusted, independent organization. It is not a certificate you can see or hold, but an encrypted file stored on your PC.

A digital certificate is issued by a certification authority (CA) to guarantee that a user's identity and keys are valid and trustworthy. Digital certificates include the user's name, the public key of the user, the period over which the certificate is valid, and whether the key is to be used for data encryption, verification of digital signatures, or both.

What are certificates used for?

You use a digital certificate to send and receive information electronically and securely. The information you send is encrypted, to prevent any unauthorised person from reading it, and/or "signed", to prove it comes from you, and you alone. This "signature" is an electronic code which guarantees to the recipient that the message came from you and has not been altered by anyone else. It guarantees to the sender that it will only be read by its intended recipient.

How do digital certificates work?

The technology behind digital signatures and encryption is based on a type of cryptography called Public Key Infrastructure (PKI). It is the same technology that allows the secure transmission of your credit card details when you buy something online over a secure connection.

A digital certificate contains a public key and a private key. Once you've sent your public key to someone, they will be able to decrypt and validate any information that you send. Likewise, they need to send their public key to you, so that you can decrypt and validate any information that they send to you.