What is a Digital Certificate / Digital Signature
Digital signatures are typically assigned digital certificates. Digital signatures/digital certificate are a mathematical way of verifying the authenticity of digital messages to prevent forgery and tampering throughout the sending and receiving process. Think of digital signatures as the digital equivalent as a handwritten signature or a stamped seal.
Digital signatures not only prevent impersonation. But provide evidence of an electronic messages origin, identity and status, as well as a signer’s informed consent. Digital signatures are based on asymmetric cryptography. A process that protects sensitive information with two mathematically linked keys:
1. A private key which is only known to the person it belongs to.
2. A public key, which is shared with anyone who needs to access the digital message.
Encrypting and decrypting signature related data relies on both the sender and the receiver’s specific private and public keys. This security measures banks on the trust that the sender’s private key has not been shared with anyone else.
There are three different classes of digital signatures, each with different levels of security and legality.
Class 1 digital signatures provide a basic level of security for low risk environments and are not legally binding for business documents.
Class 2 digital signatures authenticate a signees’ indemnity against a pre-verified database. These signatures are used in a higher risk environment when there’s a moderate consequence with data compromise, like e-filing tax documents, or normal DocuSign without ID validation. Simply by clicking on an email with a link to sign.
Class 3 digital signatures require a person to present in front of a certifying authority (where KBA and ID validation fall in place) to prove identity before adopting a signature and signing.
Digital certificates are issued by a Certificate Authority (CA) that’s well respected generally. Example: GoDaddy and DigiCert. Those companies lobby to maintain status.