Network: The virtual fingerprint

One of the toughest problems faced by Net users is that of authenticati on: how do you know who you are really dealing with? Now there is a way to tell. Jan Libbenga reports

Although the Internet has become a hotbed of advertising and commercial activity, shopping online is still in its infancy. Sure, you can order any product on the Web and pay by credit card or even by digital cash, but there is no guarantee that what you've ordered will be delivered to your doorstep.

How do you tell a genuine online shop from an outright fraud? You can't. There is not even a Web police force to chase the pranksters. It is not just shopping that worries users. According to Bill Gates, billionaire owner of Microsoft, more than 80 per cent of the e-mail sent in his name is actually from pranksters.

But help is at hand. An American company called VeriSign issues digital signatures, "fingerprints" that assure you that the people you are dealing with online are indeed who they say they are, or that documents haven't been tampered with. Digital signatures are based on a technique called public key cryptography, which is used for scrambling information so that it can't be viewed by anyone other than the intended recipient.

To sign a digital signature to a document you need to create two digital numbers called "keys", one public and one private. You feed both the document and your private key into a computer program, which creates the signature and puts it on the document.

With a copy of your public key, the recipient can determine whether the signature is authentic. Digital IDs are superior to written signatures because they cannot be altered. A signed document can always be changed; that's why both parties should keep a copy. But if you try to change a digital document it will invalidate the signature.

Digital signatures have other advantages, as well. You can always tell when a document was produced, as long as it has been time-stamped. If someone claims he wrote a song which in fact belongs to you, you may be able to prove him wrong.

Digital signatures are not a new phenomenon. They are currently built into most popular Internet cryptology programs such as Pretty Good Privacy (PGP). Unfortunately, many of the public keys used for these programs are not at all genuine, either. Some of them belong to people who claim deeply suspect e-mail addresses such as president@whitehouse.gov.

Until recently there was no trusted certificate authority to issue public keys. That's why VeriSign is offering several classes of public certification. Not only will VeriSign confirm that your e-mail name is a unique name in their database; it will also take information from you in order to verify it with a third party. With some classes you even have to present yourself (in person) to an authorised party. Say you run a company called Anysoft, and would like to sell software over the Internet. If someone connects to a secured Web site with the address www.anysoft.com, he can be sure that it is Anysoft he's dealing with. VeriSign charges about $300 for a merchant validation.

Web browsers and servers are the first wave of products designed to take advantage of the technology. VeriSign's digital IDs are already used in Web browsers from Netscape and Microsoft. Microsoft even uses the technology to legitimise copies of commercial software downloaded over the Net. Digital signatures can also be used to authenticate publishers of software components written in languages such as Java and ActiveX.

Java originally used a "sandbox" model for security, in which Java components loaded from the network were granted extremely limited capabilities. But, with a new signing technology called Authenticode, applets (tightly focused mini-applications) can be given free rein to do virtually anything. Depending on their digital signature, of course.

In Microsoft's new browser, Internet Explorer 4 (still in beta), users can even identify four zones of trust, including Internet and intranet (sites inside a corporation), where applets can be either "trusted" or "untrusted".

VeriSign is not the only company that develops digital IDs. The telecommunications company GTE has a product called CyberTrust which has the same features and levels of service that VeriSign offers. The US Postal Service is planning to use IDs for e-mail services only. It will charge for a digital postmark for each transaction.

Although VeriSign faces potential competition from these companies, most observers say that it has an impressive head start. VeriSign has issued more than 100,000 digital IDs and has partnerships with more than 50 leading Internet application providers. Last year the company announced a strategic alliance with America Online (AOL) to provide its customers with digital IDs for use in a wide range of electronic commerce and communications applications. Others will follow.

So, digital IDs are here to say. Better not send any e-mail without them.

VeriSign - http://www.verisign.com.

Start your day with The Independent, sign up for daily news emails
Sport
football This was Kane’s night, even if he played just a small part of it
Travel
travel Dreamland Margate, Britain’s oldest amusement park, is set to reopen
News
news
News
Founders James Brown and Tim Southwell with a mock-up of the first ever ‘Loaded’ magazine in 1994
media
Have you tried new the Independent Digital Edition apps?
ebooks
ebooksA special investigation by Andy McSmith
News
Threlfall says: 'I am a guardian of the reality keys. I think I drive directors nuts'
people
Voices
voices The group has just unveiled a billion dollar plan to help nurse the British countryside back to health
News
The Westgate, a gay pub in the centre of Gloucester which played host to drag queens, has closed
news
  • Get to the point
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs Media

Ashdown Group: Web Developer - ASP.NET, C#, MVC - London

£45000 - £55000 per annum + Excellent benefits: Ashdown Group: Web Developer -...

Ashdown Group: .NET Developer : ASP.NET , C# , MVC , web development

£40000 - £50000 per annum + Excellent benefits - see advert: Ashdown Group: .N...

Guru Careers: 3D Package Designer / 3D Designer

£25 - 30K: Guru Careers: We are seeking an exceptional 3D Package Designer / 3...

Guru Careers: Interior Designer

£Competitive: Guru Careers: We are seeking a strong Middleweight / Senior Inte...

Day In a Page

The saffron censorship that governs India: Why national pride and religious sentiment trump freedom of expression

The saffron censorship that governs India

Zareer Masani reveals why national pride and religious sentiment trump freedom of expression
Prince Charles' 'black spider' letters to be published 'within weeks'

Prince Charles' 'black spider' letters to be published 'within weeks'

Supreme Court rules Dominic Grieve's ministerial veto was invalid
Distressed Zayn Malik fans are cutting themselves - how did fandom get so dark?

How did fandom get so dark?

Grief over Zayn Malik's exit from One Direction seemed amusing until stories of mass 'cutting' emerged. Experts tell Gillian Orr the distress is real, and the girls need support
The galaxy collisions that shed light on unseen parallel Universe

The cosmic collisions that have shed light on unseen parallel Universe

Dark matter study gives scientists insight into mystery of space
The Swedes are adding a gender-neutral pronoun to their dictionary

Swedes introduce gender-neutral pronoun

Why, asks Simon Usborne, must English still struggle awkwardly with the likes of 's/he' and 'they'?
Disney's mega money-making formula: 'Human' remakes of cartoon classics are part of a lucrative, long-term creative plan

Disney's mega money-making formula

'Human' remakes of cartoon classics are part of a lucrative, long-term creative plan
Lobster has gone mainstream with supermarket bargains for £10 or less - but is it any good?

Lobster has gone mainstream

Anthea Gerrie, raised on meaty specimens from the waters around Maine, reveals how to cook up an affordable feast
Easter 2015: 14 best decorations

14 best Easter decorations

Get into the Easter spirit with our pick of accessories, ornaments and tableware
Paul Scholes column: Gareth Bale would be a perfect fit at Manchester United and could turn them into serious title contenders next season

Paul Scholes column

Gareth Bale would be a perfect fit at Manchester United and could turn them into serious title contenders next season
Inside the Kansas greenhouses where Monsanto is 'playing God' with the future of the planet

The future of GM

The greenhouses where Monsanto 'plays God' with the future of the planet
Britain's mild winters could be numbered: why global warming is leaving UK chillier

Britain's mild winters could be numbered

Gulf Stream is slowing down faster than ever, scientists say
Government gives £250,000 to Independent appeal

Government gives £250,000 to Independent appeal

Donation brings total raised by Homeless Veterans campaign to at least £1.25m
Oh dear, the most borrowed book at Bank of England library doesn't inspire confidence

The most borrowed book at Bank of England library? Oh dear

The book's fifth edition is used for Edexcel exams
Cowslips vs honeysuckle: The hunt for the UK’s favourite wildflower

Cowslips vs honeysuckle

It's the hunt for UK’s favourite wildflower
Child abuse scandal: Did a botched blackmail attempt by South African intelligence help Cyril Smith escape justice?

Did a botched blackmail attempt help Cyril Smith escape justice?

A fresh twist reveals the Liberal MP was targeted by the notorious South African intelligence agency Boss