SSL.com’s Business Identity document signing, client authentication, and email certificates are delivered on FIPS 140.2 validated YubiKey USB tokens, offering many benefits to SSL.com customers.
The YubiKey FIPS token offers extra security for your private keys, which are protected by a PIN and are not exportable from the device. Plus, you get the convenience of having your certificates and keys installed on a small USB token that you can put on your keychain and take anywhere!
Read on to find out more about all the great features offered by our Business Identity certificates, plus ordering information:
- FIPS 140.2 Validated Hardware Token
- Digital Signatures for Adobe PDF and Microsoft Office
- Secure S/MIME Email
- Client Authentication and Single Sign-on
FIPS 140.2 Validated Hardware Token
Each Business Identity certificate is shipped on a FIPS 140.2 validated YubiKey USB token, offering multiple security and convenience benefits:
- Private keys for authentication and document signing are securely generated and stored on the YubiKey and cannot be exported, making your YubiKey a unique identifier for document and email signing and client authentication.
- Each YubiKey is protected by a PIN that can be set by the user.
- Compliance with FIPS 140.2 standards (Overall Level 2, Physical Security Level 3) for cryptographic modules and meets the highest Authenticator Assurance Level (AAL3) of NIST SP800-63B guidance.
- Multiple authentication protocols and crypto algorithms.
- Small, convenient USB device that does not require batteries or network connectivity.
- YubiKey Manager software for simple management of PIN, certificates, and One-Time Password (OTP) features.
- Seamless integration with SSL.com’s SSL Manager software.
Digital Signatures for Adobe PDF and Microsoft Office
Your Business Identity certificate can be used for secure document signing in Adobe PDFs and Microsoft Office documents.
- A digital signature provides proof that the signer of an electronic document is who they claim to be, and demonstrates that the information in the document has not been altered since it was signed.
- Digitally-signed documents ensure legal non-repudiation. If a person digitally signs a document with their private document signing key, it is difficult for them to deny that they signed it.
- As a publicly trusted certificate authority and member of the Adobe Approved Trust List (AATL), SSL.com’s Business Identity certificates are trusted worldwide for signing digital documents, including Adobe PDF and Microsoft Office.
Secure S/MIME Email
SSL.com’s Business Identity certificates also support the S/MIME standard for email protection. S/MIME works in two ways to prevent phishing attacks and keep messages secure while in transit:
- Digital Signatures for email messages provide the same benefits as digitally-signed PDF and Word documents. Your recipients can be assured that the messages you send are really from you and not an attacker. And, like signed documents, signed email provides legal non-repudiation.
- Encrypted email keeps your messages secure in transit using the same kind of strong public-key cryptography used to protect HTTPS websites on the World Wide Web.
Client Authentication and Single Sign-On
SSL’s Business Identity certificates offer an additional layer of client authentication for workstation, application, and website sign-in that is not susceptible to phishing attacks, keystroke loggers, or other forms of credential theft. Once set up, it’s easy to log into any Windows, Mac, or Linux computer with just your YubiKey and a PIN (please see Yubico’s documentation for specific instructions for each platform). Plus, for maximum flexibility, each YubiKey FIPS offers several additional protocols for authentication and sign-on, including:
SSL.com’s Business Identity certificates with YubiKey are available for ordering now, with discounts of up to 45% for multi-year orders. Additional discounts are also available through our reseller program.