What are the Advantages & Disadvantages of a Digital Certificate?

By Harvey Spector

Are digital certificates the best form of encryption around, or an unstable target for hackers? We consider the pros and cons.

A digital certificate is an encryption technology that works similar to the Internet version of a passport. Using public key and private key information, digital certificates essentially ensure to the recipient of a message that the message is coming from a specific person. The digital certificate authenticates the identity of the sender to ensure safer communication and prevent fraud on the Internet.

The public key and the private key also work together to encrypt or "seal" your information so that it is more difficult to intercept. In other words, digital certificates don't just work to authenticate the identity of the sender, but also of the recipient. For instance, an email sent on a digital certificate network is encrypted from the moment you click Send to the moment the intended recipient opens the message. If the recipient does not have the private key information indicated on your digital certificate, they will not be able to open the message.

The Advantages of Digital Certificates

The biggest advantages of digital certificate-based authentication are privacy-based. By encrypting your communications — emails, logins or online banking transactions — digital certificates protect your private data and prevent the information from being seen by unintended eyes. Digital certificate systems are also user-friendly, usually working automatically and requiring minimal action or involvement from either senders or recipients. Microsoft states that certificate servers are cheaper and easier to manage than other certificate authorities or systems used for encryption.

The Disadvantages of Digital Certificates

While the idea of digital certificates is to block outsiders from intercepting your messages, the system is not an infallible one. In 2011, for example, a Dutch digital certificate authority called DigiNotar was compromised by hackers. Since certificate authorities are the ones in charge of issuing digital certificates (think of them as the digital version of a passport office), hackers often target these authorities in order to manipulate certificate information. As a result, when a certificate authority is compromised, hackers can create websites or send emails that look genuine and pass certification tests, but are actually fraudulent.

Digital certificate authorities consistently update their software to make sure that security threats like this are kept to a minimum, but security threats are still a concern. In 2013, Forbes noted that digital certificates had become a prime target for hackers and other cybercriminals, given that the information they protect so valuable. The software requires constant vigilance to protect users from cybercrime.