A digital identification (ID), also known as a digital certificate, is the electronic equivalent to a passport or business license. It is a credential, issued by a trusted authority, that individuals or organizations can present electronically to prove their identity or their right to access information.

When a computer applcation issues digital IDs, it verifies that the owner is not claiming a false identity. Just as when a government issues a passport, it is officially vouching for the identity of the holder. When a computer applcation gives your business a digital certificate, it is putting its name behind your right to use your company name and Web address.

The solution to problems of identification, authentication, and privacy in computer-based systems lies in the field of cryptography. Because of the nonphysical nature of electronic communication, traditional methods of physically marking transactions with a seal or signature are useless. Rather, some mark must be coded into the information itself in order to identify the source and provide privacy against eavesdroppers.

One widely used tool for privacy protection is what cryptographers call a “secret key.” Logon passwords and cash card PINs are examples of secret keys. Consumers share these secret keys only with the parties they want to communicate with, such as an online subscription service or a bank. Private information is then encrypted with this password, and it can only be decrypted by one of the parties holding that same password.

Despite its widespread use, this secret-key system has some serious limitations. As network communications proliferate, it becomes very cumbersome for users to create and remember different passwords for each situation. Moreover, the sharing of a secret key involves inherent risks. In the process of transmitting a password, it can fall into the wrong hands. Or, one of the sharing parties might use it maliciously and then deny all action.

Digital ID technology addresses these issues because it does not rely on the sharing of secret keys. Rather than using the same key to both encrypt and decrypt data, a digital ID uses a matched pair of keys that are unique complements to one another. In other words, what is done by one key can only be undone by the other key in the pair.

In this type of key-pair system, your “private key” gets installed on your server and can only be accessed by you. Your “public key” gets widely distributed as part of a digital ID. Customers, partners, or employees who want to communicate privately with your server can use the public key in your digital ID to encrypt information, and you are then the only one who can decrypt that information. Because the public key alone does not provide access to communications, you do not need to worry about who gets ahold of this key.

Your digital ID tells customers and correspondents that your public key in fact belongs to you. Also, your digital ID contains your name and identifying information, your public key, and digital signature as certification.