For security's sake, most web applications use digital signatures to sign documents transmitted over the Internet. A digital signature on an e-document serves as a guarantee of data origin and integrity. Digital signature technology grew out of public key cryptography (asymmetric algorithms such as RSA and Diffie-Hellman). In public key cryptography you have two keys: a private key and a public key. When you send a document to someone, you use your private key to sign it. When recipients receive the signed document, they use the sender's public key to authenticate it.
Suppose you want to send a digitally signed document. After you create the document, you pass it through a message hash algorithm, which generates a hash of the document: a checksum of its contents. You then encrypt the message hash with your private key; the result is the digital signature. The recipient passes the document contents through the same message hash algorithm that you used and creates a new hash. At the same time, he uses your public key to decrypt your digital signature, thereby recovering the original hash. The recipient then compares the newly generated hash with the original hash. If the hashes match, the recipient can be sure that the document really came from you and that no one altered it during transmission. If the hashes do not match, the recipient knows that tampering or a transmission error changed the document contents.
In addition, if the document must also be protected from unauthorized access while it is transmitted over the Internet, it should be encrypted with the recipient's public key; only the recipient can then decrypt it with the corresponding private key. In both cases, public keys must be transmitted unaltered.
Before users who receive documents from you can verify your digital signature, they must have a way of knowing that your public key is genuine. Without assurance that a public key is legitimate, it is risky to trust that a signed document and its accompanying public key really come from the purported sender. This is addressed by the so-called third-party trust model for public keys, which introduces the Certificate Authority (CA). A CA is a trustworthy organization that certifies public keys: it issues each user a digital certificate containing the user's identity, public key and key expiration date, and the CA's own signature over these fields is what lets anyone check that the binding is genuine. The issuance and format of digital certificates are governed by the X.509 standard.
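The following is an added example, not code from the WebMoney page: it walks through the hash-then-sign and verify steps described above, and then shows a toy Certificate Authority certifying a user's public key (identity, key and expiry bound by the CA's signature) and a recipient checking that certificate before trusting the key. It uses textbook RSA from Python's standard library only; the primes, key names and sample document are constructed and far too small to be secure.

```python
# Added example (not WebMoney's code): textbook RSA sign/verify plus a toy CA.
# All primes and sample values below are constructed for illustration only.
import hashlib
import json

E = 65537  # common public exponent

def make_keypair(p, q, e=E):
    """Return ((n, e), (n, d)) from two primes; d is the inverse of e mod phi(n)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # Python 3.8+ modular inverse
    return (n, e), (n, d)

def digest_int(data, n):
    """Hash the document; real schemes pad the digest (PKCS#1), this toy reduces it mod n."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, private_key):
    """'Encrypt the hash with the private key': s = H(m)^d mod n."""
    n, d = private_key
    return pow(digest_int(data, n), d, n)

def verify(data, signature, public_key):
    """'Decrypt the signature with the public key' and compare with a fresh hash."""
    n, e = public_key
    return pow(signature, e, n) == digest_int(data, n)

def issue_certificate(subject, public_key, expires, ca_private_key):
    """CA binds identity, public key and expiry (the fields named above) with its signature."""
    body = json.dumps({"subject": subject, "n": public_key[0], "e": public_key[1],
                       "expires": expires}, sort_keys=True).encode()
    return {"body": body, "ca_signature": sign(body, ca_private_key)}

def verify_certificate(cert, ca_public_key, now):
    """Return the certified public key, or None if the CA signature or validity check fails."""
    if not verify(cert["body"], cert["ca_signature"], ca_public_key):
        return None  # tampered certificate or not issued by this CA
    fields = json.loads(cert["body"])
    if now > fields["expires"]:
        return None  # expired certificate
    return (fields["n"], fields["e"])

# Constructed toy keys (insecure sizes): one pair for the CA, one for a user.
CA_PUB, CA_PRIV = make_keypair(1000003, 1000033)
USER_PUB, USER_PRIV = make_keypair(1000037, 1000039)

if __name__ == "__main__":
    doc = b"Invoice 42: pay 100 WMZ"  # constructed sample document
    cert = issue_certificate("user@example.com", USER_PUB, 2000000000, CA_PRIV)
    key = verify_certificate(cert, CA_PUB, 1700000000)  # recipient checks the CA first
    print(verify(doc, sign(doc, USER_PRIV), key))       # True for the unaltered document
```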
Note that you can store the certificate containing your public key (hereinafter, the digital certificate) on your computer together with the certificate containing your private key (the personal digital certificate). When used with e-mail programs, security certificates with private keys are also known as "digital IDs".
A security certificate, whether a personal certificate or a Web site certificate, associates an identity with a public key. Only the owner of the certificate knows the corresponding private key, which allows the owner to make a digital signature or to decrypt information encrypted with the corresponding public key. When you send your certificate to other people, you are actually giving them your public key, so they can send you encrypted information that only you can decrypt and read with the private key of your personal certificate.
The digital signature component of a security certificate is your electronic identity card. The digital signature tells the recipient that the information actually came from you and has not been forged or tampered with.
Before you can start sending encrypted or digitally signed information, you must obtain a certificate and set up Internet Explorer to use it. When you visit a secure Web site (one whose address starts with "https"), the site automatically sends you its certificate.
Personal Digital Certificate
For protection, identification and data transmission, WebMoney Keeper Light uses personal digital certificates and the standard SSL (Secure Sockets Layer) protocol. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use this protocol to obtain confidential user information. By convention, URLs that require an SSL connection start with https: instead of http:. SSL creates a secure connection between a client and a server, over which any amount of data can be sent securely.
A personal digital certificate identifies a WMID user. Identification is based on the private key, which is stored on the computer of the WM Keeper Light personal certificate holder (the private key is created on the user's PC during registration in the system and is never transmitted over the Internet). Since the key file is crucial for working with WM Keeper Light, you should save your private key file and store it with maximum security (and make several backup copies of it).
Personal digital certificates may be used to send encrypted or digitally signed information via email. In order to use this feature, you must install your personal certificate and set up your electronic mail client to use it.
If a personal digital certificate is issued based on a user's WebMoney Passport, the user's verified personal information is added to the certificate.