Digital signatures meet the need for authentication and integrity. To vastly simplify matters, a plain text message is run through a hash function and so given a value: the message digest. This digest, the hash function and the plain text, encrypted with the recipient's public key, are sent to the recipient. The recipient decodes the message with their private key and runs the message through the supplied hash function to check that the message digest value remains unchanged (the message has not been tampered with). Very often, the message is also time-stamped by a third-party agency, which provides non-repudiation.

To authenticate that the website receiving sensitive information is not set up by some other party posing as the e-merchant, browsers check the digital certificate. This is a digital document issued by the CA (certification authority: Verisign, Thawte, etc.) that uniquely identifies the merchant. Digital certificates are sold for emails, e-merchants and web servers.
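The digest check described at the start of this passage, as an added example that is not part of the original text. The JSON envelope layout, the function names and the hash allow-list are assumptions made for illustration; the public-key encryption step is omitted, so the block covers only the recipient's recomputation and comparison of the digest.

```python
import hashlib
import hmac
import json

# Assumption: the recipient only accepts digests from this allow-list,
# so a sender cannot downgrade the check to a weak hash such as MD5.
ALLOWED_HASHES = {"sha256", "sha384", "sha512"}


def make_envelope(message: bytes, hash_name: str = "sha256") -> bytes:
    """Sender side: bundle the message, the hash function name and the digest."""
    digest = hashlib.new(hash_name, message).hexdigest()
    return json.dumps({
        "hash": hash_name,
        "digest": digest,
        "message": message.decode("utf-8"),
    }).encode("utf-8")


def verify_envelope(envelope: bytes) -> bytes:
    """Recipient side: recompute the digest and compare it with the one sent.

    Returns the message if the digest matches, raises ValueError otherwise.
    """
    fields = json.loads(envelope)
    hash_name = fields["hash"]
    if hash_name not in ALLOWED_HASHES:
        raise ValueError(f"hash function not accepted: {hash_name}")
    message = fields["message"].encode("utf-8")
    expected = hashlib.new(hash_name, message).hexdigest()
    # Constant-time comparison avoids leaking how many characters matched.
    if not hmac.compare_digest(expected, fields["digest"]):
        raise ValueError("digest mismatch: message was altered")
    return message


if __name__ == "__main__":
    # Constructed sample message.
    env = make_envelope(b"Pay 100 EUR to account 12345")
    print(verify_envelope(env))
    tampered = env.replace(b"100 EUR", b"900 EUR")
    try:
        verify_envelope(tampered)
    except ValueError as err:
        print("rejected:", err)
```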