A digital certificate is a unique link between the certificate holder and his public key. The certificate contains the user’s basic data and the public key. In open systems, digital certificates are publicly available, which allows finding and verifying the identity of the signer based on their public key.
Customers can mitigate the level of responsibility and risk in electronic commerce using qualified or non-qualified digital certificates.
- Non-qualified certificates are based on the contractual relationship of parties who have an agreement and operate according to well-established channels. In electronic business between parties who have never done business with each other before, it makes sense to include a third party who issues qualified certificates.
- Qualified certificates are based on a clearly defined formal process of identification of the holder. The possibility of misuse is minimal, because convincing evidence of the identity of the signer is provided. This type of identification can be carried out by certification authorities and by authorized registration authorities on their behalf.
A digital certificate is the holders identity card in electronic commerce. The certificates are issued by various Certificate Authorities, but not all of them provide the same degree of security. Effectively, this means that users can choose the degree of security they need for their business.