A Digital Signature is a form of online encryption that ensures a message does not have its contents altered or tampered with during transit.
It is the most secure and advanced form of electronic signature available.
When your server digitally signs information it sends, it adds a one-way hash using the public and private key pair.
This means that clients who receive encrypted information from you can decode it using your server’s public key.
If any tampering is made to the information during transit, the Digital Signature is altered.
In this case, you are alerted to a third-party intercepting and tampering with the information.
How does it work?
A Digital Signature is a numerical value represented as a sequence of characters.
These are so complex that only a computer can create and decrypt one.
To break it down, let’s consider James is making payment via a secure online shop and his credit card information needs to be sent to the shop’s server:
- James enters his credit card information through an SSL-secured online shop.
- The credit card details are encrypted with the Public Key and assigned a Digital Signature.
- The encrypted information is sent to the online shop’s server for confirmation.
- The server decrypts the information using the connected Private Key (which is located on-server) and calculates the Digital Signature of the original message.
- If the received Signature does not match the calculated Signature, then the information has been tampered with by a third-party during transit.
Mitchell has a Bachelor of Arts with Majors in Journalism and Foreign Relations; and a Diploma of Digital Design.