Network: The virtual fingerprint

One of the toughest problems faced by Net users is that of authenticati on: how do you know who you are really dealing with? Now there is a way to tell. Jan Libbenga reports

Although the Internet has become a hotbed of advertising and commercial activity, shopping online is still in its infancy. Sure, you can order any product on the Web and pay by credit card or even by digital cash, but there is no guarantee that what you've ordered will be delivered to your doorstep.

How do you tell a genuine online shop from an outright fraud? You can't. There is not even a Web police force to chase the pranksters. It is not just shopping that worries users. According to Bill Gates, billionaire owner of Microsoft, more than 80 per cent of the e-mail sent in his name is actually from pranksters.

But help is at hand. An American company called VeriSign issues digital signatures, "fingerprints" that assure you that the people you are dealing with online are indeed who they say they are, or that documents haven't been tampered with. Digital signatures are based on a technique called public key cryptography, which is used for scrambling information so that it can't be viewed by anyone other than the intended recipient.

To sign a digital signature to a document you need to create two digital numbers called "keys", one public and one private. You feed both the document and your private key into a computer program, which creates the signature and puts it on the document.

With a copy of your public key, the recipient can determine whether the signature is authentic. Digital IDs are superior to written signatures because they cannot be altered. A signed document can always be changed; that's why both parties should keep a copy. But if you try to change a digital document it will invalidate the signature.

Digital signatures have other advantages, as well. You can always tell when a document was produced, as long as it has been time-stamped. If someone claims he wrote a song which in fact belongs to you, you may be able to prove him wrong.

Digital signatures are not a new phenomenon. They are currently built into most popular Internet cryptology programs such as Pretty Good Privacy (PGP). Unfortunately, many of the public keys used for these programs are not at all genuine, either. Some of them belong to people who claim deeply suspect e-mail addresses such as president@whitehouse.gov.

Until recently there was no trusted certificate authority to issue public keys. That's why VeriSign is offering several classes of public certification. Not only will VeriSign confirm that your e-mail name is a unique name in their database; it will also take information from you in order to verify it with a third party. With some classes you even have to present yourself (in person) to an authorised party. Say you run a company called Anysoft, and would like to sell software over the Internet. If someone connects to a secured Web site with the address www.anysoft.com, he can be sure that it is Anysoft he's dealing with. VeriSign charges about $300 for a merchant validation.

Web browsers and servers are the first wave of products designed to take advantage of the technology. VeriSign's digital IDs are already used in Web browsers from Netscape and Microsoft. Microsoft even uses the technology to legitimise copies of commercial software downloaded over the Net. Digital signatures can also be used to authenticate publishers of software components written in languages such as Java and ActiveX.

Java originally used a "sandbox" model for security, in which Java components loaded from the network were granted extremely limited capabilities. But, with a new signing technology called Authenticode, applets (tightly focused mini-applications) can be given free rein to do virtually anything. Depending on their digital signature, of course.

In Microsoft's new browser, Internet Explorer 4 (still in beta), users can even identify four zones of trust, including Internet and intranet (sites inside a corporation), where applets can be either "trusted" or "untrusted".

VeriSign is not the only company that develops digital IDs. The telecommunications company GTE has a product called CyberTrust which has the same features and levels of service that VeriSign offers. The US Postal Service is planning to use IDs for e-mail services only. It will charge for a digital postmark for each transaction.

Although VeriSign faces potential competition from these companies, most observers say that it has an impressive head start. VeriSign has issued more than 100,000 digital IDs and has partnerships with more than 50 leading Internet application providers. Last year the company announced a strategic alliance with America Online (AOL) to provide its customers with digital IDs for use in a wide range of electronic commerce and communications applications. Others will follow.

So, digital IDs are here to say. Better not send any e-mail without them.

VeriSign - http://www.verisign.com.

Sport
David Moyes and Louis van Gaal
football
Sport
New Zealand fly-half Aaron Cruden pictured in The Zookeeper's Son on a late-night drinking session
rugby
News
Liam Payne has attacked the media for reporting his tweet of support to Willie Robertson and the subsequent backlash from fans
peopleBut One Direction star insists he is not homophobic
Arts and Entertainment
A bit rich: Maggie Smith in Downton Abbey
tvSeries 5 opening episode attracts lowest ratings since drama began
PROMOTED VIDEO
Have you tried new the Independent Digital Edition apps?
News
ebooksAn unforgettable anthology of contemporary reportage
News
Jacqueline Bisset has claimed that young women today are obsessed with being 'hot', rather than 'charming', 'romantic' or 'beautiful'
people
Sport
Greg Dyke insists he will not resign as Football Association chairman after receiving a watch worth more than £16,000 but has called for an end to the culture of gifts being given to football officials
football
Life and Style
A new app has been launched that enables people to have a cuddle from a stranger
techNew app offers 'PG alternative' to dating services like Tinder
News
people
Arts and Entertainment
Jake Quickenden sings his heart out in his second audition
tvX Factor: How did the Jakes - and Charlie Martinez - fare?
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs Media

Senior Account Executive / Account Executive

£25 - 30k (DOE) + Bonus & Benefits: Guru Careers: We are looking for an Accoun...

Account Manager / Sales Account Manager / Recruitment Account Manager

£25k Basic (DOE) – (£30k year 1 OTE) : Guru Careers: We are seeking a bright A...

Resourcer / Junior Recruiter

£15-20k (DOE) + Benefits / Bonus: Guru Careers: We are seeking a bright R...

Web Designer / Digital Designer

£25 - 40k (DOE) + Excellent Benefits: Guru Careers: We are seeking a Web Desig...

Day In a Page

A roller-coaster tale from the 'voice of a generation'

Not That Kind of Girl:

A roller-coaster tale from 'voice of a generation' Lena Dunham
London is not bedlam or a cradle of vice. In fact it, as much as anywhere, deserves independence

London is not bedlam or a cradle of vice

In fact it, as much as anywhere, deserves independence
Vivienne Westwood 'didn’t want' relationship with Malcolm McLaren

Vivienne Westwood 'didn’t want' relationship with McLaren

Designer 'felt pressured' into going out with Sex Pistols manager
Jourdan Dunn: Model mother

Model mother

Jordan Dunn became one of the best-paid models in the world
Apple still coolest brand – despite U2 PR disaster

Apple still the coolest brand

Despite PR disaster of free U2 album
Scottish referendum: The Yes vote was the love that dared speak its name, but it was not to be

Despite the result, this is the end of the status quo

Boyd Tonkin on the fall-out from the Scottish referendum
Manolo Blahnik: The high priest of heels talks flats, Englishness, and why he loves Mary Beard

Manolo Blahnik: Flats, Englishness, and Mary Beard

The shoe designer who has been dubbed 'the patron saint of the stiletto'
The Beatles biographer reveals exclusive original manuscripts of some of the best pop songs ever written

Scrambled eggs and LSD

Behind The Beatles' lyrics - thanks to Hunter Davis's original manuscript copies
'Normcore' fashion: Blending in is the new standing out in latest catwalk non-trend

'Normcore': Blending in is the new standing out

Just when fashion was in grave danger of running out of trends, it only went and invented the non-trend. Rebecca Gonsalves investigates
Dance’s new leading ladies fight back: How female vocalists are now writing their own hits

New leading ladies of dance fight back

How female vocalists are now writing their own hits
Mystery of the Ground Zero wedding photo

A shot in the dark

Mystery of the wedding photo from Ground Zero
His life, the universe and everything

His life, the universe and everything

New biography sheds light on comic genius of Douglas Adams
Save us from small screen superheroes

Save us from small screen superheroes

Shows like Agents of S.H.I.E.L.D are little more than marketing tools
Reach for the skies

Reach for the skies

From pools to football pitches, rooftop living is looking up
These are the 12 best hotel spas in the UK

12 best hotel spas in the UK

Some hotels go all out on facilities; others stand out for the sheer quality of treatments