Certificates are digital documents that you use to verify your identity on the Government Gateway. They also contain software to enable documents, electronic files or other messages to be digitally signed, and protect any sensitive or confidential information which you submit over the internet.
Certificates use Public Key Infrastructure (PKI) technology to encrypt and decrypt information.
Information can be decrypted only when both a 'private key' and a 'public key' match each other.
The certificate contains information about your identity (for example, your name, email address, the date the certificate was issued and the name of the certificate authority which issued it). The certificate also contains the 'public key'.
The 'private key' is stored on your computer's hard disk. You retain control of the private key; and it can only be used if you know the password.
When you sign a transaction, you are encrypting the information with your private key. When the recipient receives the information with your certificate, they can decrypt the information using the public key on your certificate.
Signing a transaction:
- verifies your identity
- establishes your credentials to perform this transaction
- protects the integrity of the information itself (it cannot be changed once you have signed it). The level of security in this technology means that electronically signing a transaction is legally binding. Once you have digitally signed a transaction you cannot deny that you sent it. This is known as 'non-repudiation'.
When you are sent information, it is encrypted using the public key on your certificate. The information can only be decrypted with your private key. This ensures the information remains confidential.
You obtain certificates from approved certificate authorities.