The solution to problems of identification,
authentication, and privacy in computer-based systems lies in the field of cryptography. Because
of the non-physical nature of electronic communication, traditional methods of physically
marking transactions with a seal or signature are useless. Rather, some mark must be coded into
the information itself in order to identify the source and provide privacy against eavesdroppers.
One widely-used tool for privacy protection is what cryptographers call a "secret key."
Log-on passwords and cash card PINs are examples of secret keys. Consumers share these secret keys
only with the parties they want to communicate with, such as an on-line subscription service or a
bank. Private information is then encrypted with this secret key, and it can only be decrypted by
one of the parties holding that same key.
Despite its widespread use, this secret-key system has some serious limitations. As network
communications proliferate, it becomes very cumbersome for users to create and remember different
passwords for each situation. Moreover, the sharing of a secret key involves inherent risks. A
password can fall into the wrong hands while it is being transmitted. Or one of the sharing
parties might use it maliciously and then deny all action.
Digital ID technology addresses these issues because it does not rely on the sharing of secret
keys. Rather than using the same key to both encrypt and decrypt data, a Digital ID uses a matched
pair of keys which are unique complements to one another. In other words, what is done by one key
can only be undone by the other key in the pair.
In this type of key-pair system, your "private key" gets installed on your server
and can only be accessed by you. Your "public key" gets widely distributed as part
of a Digital ID. Customers or correspondents who want to communicate with you privately can
use the public key in your Digital ID to encrypt information, and you are then the only one
who can decrypt that information. Since the public key alone does not provide access to
communications, you do not need to worry about who gets hold of this key.
Your Digital ID tells customers and correspondents that your public key in fact belongs to you.
Your ID contains your name and identifying information, your public key, and VeriSign's own
digital signature as certification.
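
The key-pair and Digital ID ideas described above, as an added example that is not VeriSign's code or ID format. It assumes textbook RSA without padding and toy-sized constructed keys (the page names no algorithm), and all function and field names are hypothetical.

```python
import hashlib

E = 65537  # widely used RSA public exponent

def make_keypair(p, q):
    """Build a matched (public, private) pair from two primes."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent inverts E
    return (E, n), (d, n)

def apply_key(key, value):
    """Transform value with one key; only the other key of the pair undoes it."""
    exponent, n = key
    return pow(value, exponent, n)

def id_digest(name, public_key, n):
    """Hash the fields the certifier vouches for, reduced to fit modulus n."""
    data = f"{name}|{public_key[0]}|{public_key[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue_id(name, public_key, ca_private):
    """Certifier signs name + public key with its own private key."""
    sig = apply_key(ca_private, id_digest(name, public_key, ca_private[1]))
    return {"name": name, "public_key": public_key, "ca_signature": sig}

def verify_id(digital_id, ca_public):
    """Anyone holding the certifier's public key can check the binding."""
    expected = id_digest(digital_id["name"], digital_id["public_key"], ca_public[1])
    return apply_key(ca_public, digital_id["ca_signature"]) == expected

# Constructed sample keys built from Mersenne primes: toy sizes, not secure.
SERVER_PUB, SERVER_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
CA_PUB, CA_PRIV = make_keypair(2**107 - 1, 2**127 - 1)

def demo():
    digital_id = issue_id("www.example.com", SERVER_PUB, CA_PRIV)
    # A customer encrypts with the public key taken from the ID.
    secret = int.from_bytes(b"PIN 4321", "big")
    ciphertext = apply_key(digital_id["public_key"], secret)
    # Only the holder of the private key recovers the message.
    recovered = apply_key(SERVER_PRIV, ciphertext).to_bytes(8, "big")
    # Changing any signed field breaks the certifier's signature.
    altered = dict(digital_id, name="other.example")
    return {"id_valid": verify_id(digital_id, CA_PUB),
            "recovered": recovered,
            "tampered_valid": verify_id(altered, CA_PUB)}

if __name__ == "__main__":
    print(demo())
```

Production systems use padded RSA or other signature schemes with much larger keys through a vetted library.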