Network: The virtual fingerprint

One of the toughest problems faced by Net users is that of authenticati on: how do you know who you are really dealing with? Now there is a way to tell. Jan Libbenga reports

Although the Internet has become a hotbed of advertising and commercial activity, shopping online is still in its infancy. Sure, you can order any product on the Web and pay by credit card or even by digital cash, but there is no guarantee that what you've ordered will be delivered to your doorstep.

How do you tell a genuine online shop from an outright fraud? You can't. There is not even a Web police force to chase the pranksters. It is not just shopping that worries users. According to Bill Gates, billionaire owner of Microsoft, more than 80 per cent of the e-mail sent in his name is actually from pranksters.

But help is at hand. An American company called VeriSign issues digital signatures, "fingerprints" that assure you that the people you are dealing with online are indeed who they say they are, or that documents haven't been tampered with. Digital signatures are based on a technique called public key cryptography, which is used for scrambling information so that it can't be viewed by anyone other than the intended recipient.

To sign a digital signature to a document you need to create two digital numbers called "keys", one public and one private. You feed both the document and your private key into a computer program, which creates the signature and puts it on the document.

With a copy of your public key, the recipient can determine whether the signature is authentic. Digital IDs are superior to written signatures because they cannot be altered. A signed document can always be changed; that's why both parties should keep a copy. But if you try to change a digital document it will invalidate the signature.

Digital signatures have other advantages, as well. You can always tell when a document was produced, as long as it has been time-stamped. If someone claims he wrote a song which in fact belongs to you, you may be able to prove him wrong.

Digital signatures are not a new phenomenon. They are currently built into most popular Internet cryptology programs such as Pretty Good Privacy (PGP). Unfortunately, many of the public keys used for these programs are not at all genuine, either. Some of them belong to people who claim deeply suspect e-mail addresses such as

Until recently there was no trusted certificate authority to issue public keys. That's why VeriSign is offering several classes of public certification. Not only will VeriSign confirm that your e-mail name is a unique name in their database; it will also take information from you in order to verify it with a third party. With some classes you even have to present yourself (in person) to an authorised party. Say you run a company called Anysoft, and would like to sell software over the Internet. If someone connects to a secured Web site with the address, he can be sure that it is Anysoft he's dealing with. VeriSign charges about $300 for a merchant validation.

Web browsers and servers are the first wave of products designed to take advantage of the technology. VeriSign's digital IDs are already used in Web browsers from Netscape and Microsoft. Microsoft even uses the technology to legitimise copies of commercial software downloaded over the Net. Digital signatures can also be used to authenticate publishers of software components written in languages such as Java and ActiveX.

Java originally used a "sandbox" model for security, in which Java components loaded from the network were granted extremely limited capabilities. But, with a new signing technology called Authenticode, applets (tightly focused mini-applications) can be given free rein to do virtually anything. Depending on their digital signature, of course.

In Microsoft's new browser, Internet Explorer 4 (still in beta), users can even identify four zones of trust, including Internet and intranet (sites inside a corporation), where applets can be either "trusted" or "untrusted".

VeriSign is not the only company that develops digital IDs. The telecommunications company GTE has a product called CyberTrust which has the same features and levels of service that VeriSign offers. The US Postal Service is planning to use IDs for e-mail services only. It will charge for a digital postmark for each transaction.

Although VeriSign faces potential competition from these companies, most observers say that it has an impressive head start. VeriSign has issued more than 100,000 digital IDs and has partnerships with more than 50 leading Internet application providers. Last year the company announced a strategic alliance with America Online (AOL) to provide its customers with digital IDs for use in a wide range of electronic commerce and communications applications. Others will follow.

So, digital IDs are here to say. Better not send any e-mail without them.

VeriSign -

Start your day with The Independent, sign up for daily news emails
Barn owls are among species that could be affected
charity appeal
Sarah Silverman (middle) with sister Reform Rabbi Susan Silverman (right) and sister actress Laura Silverman (left) at Jerusalem's Western Wall for feminist Hanuka candle-lighting ceremony
peopleControversial comedian stages pro-equality Hanukkah lighting during a protest at Jerusalem's Wailing Wall
Arts and Entertainment
The Bach Choir has been crowned the inaugural winner of Sky Arts’ show The Great Culture Quiz
arts + ents140-year-old choir declared winner of Sky Arts' 'The Great Culture Quiz'
After another poor series in Sri Lanka, Alastair Cook claimed all players go through a lean period
cricketEoin Morgan reportedly to take over ODI captaincy
Have you tried new the Independent Digital Edition apps?
ebooksA year of political gossip, levity and intrigue from the sharpest pen in Westminster
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs Media

Ashdown Group: (PHP / Python) - Global Media firm

£50000 per annum + 26 days holiday,pension: Ashdown Group: A highly successful...

Ashdown Group: Analyst Programmer (Filemaker Pro/ SQL) - Global Media firm

£50000 per annum + 26 days, pension, private medical : Ashdown Group: A highly...

Ashdown Group: IT Support Analyst - Chessington

£25000 per annum: Ashdown Group: IT Service Desk Analyst - Chessington, Surrey...

Charter Selection: Graphic Designer, Guildford

£35000 - £40000 per annum: Charter Selection: This renowned and well establish...

Day In a Page

Homeless Veterans appeal: 'You look for someone who's an inspiration and try to be like them'

Homeless Veterans appeal

In 2010, Sgt Gary Jamieson stepped on an IED in Afghanistan and lost his legs and an arm. He reveals what, and who, helped him to make a remarkable recovery
Could cannabis oil reverse the effects of cancer?

Could cannabis oil reverse effects of cancer?

As a film following six patients receiving the controversial treatment is released, Kate Hilpern uncovers a very slippery issue
The Interview movie review: You can't see Seth Rogen and James Franco's Kim Jong Un assassination film, but you can read about it here

The Interview movie review

You can't see Seth Rogen and James Franco's Kim Jong Un assassination film, but you can read about it here
Serial mania has propelled podcasts into the cultural mainstream

How podcasts became mainstream

People have consumed gripping armchair investigation Serial with a relish typically reserved for box-set binges
Jesus Christ has become an unlikely pin-up for hipster marketing companies

Jesus Christ has become an unlikely pin-up

Kevin Lee Light, aka "Jesus", is the newest client of creative agency Mother while rival agency Anomaly has launched Sexy Jesus, depicting the Messiah in a series of Athena-style poses
Rosetta space mission voted most important scientific breakthrough of 2014

A memorable year for science – if not for mice

The most important scientific breakthroughs of 2014
Christmas cocktails to make you merry: From eggnog to Brown Betty and Rum Bumpo

Christmas cocktails to make you merry

Mulled wine is an essential seasonal treat. But now drinkers are rediscovering other traditional festive tipples. Angela Clutton raises a glass to Christmas cocktails
5 best activity trackers

Fitness technology: 5 best activity trackers

Up the ante in your regimen and change the habits of a lifetime with this wearable tech
Paul Scholes column: It's a little-known fact, but I have played one of the seven dwarves

Paul Scholes column

It's a little-known fact, but I have played one of the seven dwarves
Fifa's travelling circus once again steals limelight from real stars

Fifa's travelling circus once again steals limelight from real stars

Club World Cup kicked into the long grass by the continued farce surrounding Blatter, Garcia, Russia and Qatar
Frank Warren column: 2014 – boxing is back and winning new fans

Frank Warren: Boxing is back and winning new fans

2014 proves it's now one of sport's biggest hitters again
Jeb Bush vs Hillary Clinton: The power dynamics of the two first families

Jeb Bush vs Hillary Clinton

Karen Tumulty explores the power dynamics of the two first families
Stockholm is rivalling Silicon Valley with a hotbed of technology start-ups

Stockholm is rivalling Silicon Valley

The Swedish capital is home to two of the most popular video games in the world, as well as thousands of technology start-ups worth hundreds of millions of pounds – and it's all happened since 2009
Did Japanese workers really get their symbols mixed up and display Santa on a crucifix?

Crucified Santa: Urban myth refuses to die

The story goes that Japanese store workers created a life-size effigy of a smiling "Father Kurisumasu" attached to a facsimile of Our Lord's final instrument of torture
Jennifer Saunders and Kate Moss join David Walliams on set for TV adaptation of The Boy in the Dress

The Boy in the Dress: On set with the stars

Walliams' story about a boy who goes to school in a dress will be shown this Christmas