Features

Public Key Infrastructure (PKI) uses certificates to verify users, devices, applications, and servers. As the internet expanded, so did PKI’s remit, from securing email communication and VPNs to underpinning web encryption with HTTPS, digital signatures and machine identity management. PKI now supports countless daily activities. It ensures that data isn’t altered in transit, provides cryptographic proof that a particular user or system approved a transaction or document, and enables automatic trust in millions of systems and devices without sharing passwords. This makes PKI an important tool to protect against phishing, spoofing of websites and services, man-in-the-middle attacks, eavesdropping and data interception, credential theft, impersonation, password-based attacks and data tampering. 

Like a passport that proves identity, PKI issues digital certificates that confirm the identity of users, devices, or systems before any sensitive information is exchanged. PKI’s asymmetric cryptography uses a public key and a private key to lock and unlock sensitive data. These keys can be used by people, devices, and applications. When information is sent from one place to another, a trusted third party, a Certificate Authority (CA), acts like a passport office, and verifies identities and issues certificates that bind keys to real entities.