The IT Law Wiki

Definition[]

Certificate-based authentication

uses public key cryptography to prove possession of a private key via digital signatures and certificates. Certificates can be used in a number of situations such as browser authentication, Personal identity verification (PIV) cards, and inter-application authentication (e.g., certificate pinning). Certificates are also commonly used to augment other authentication mechanisms to create multifactor scenarios.