USPS poised to offer digital certificates

The Postal Service is ready to begin providing digital signatures that will let customers electronically sign and encrypt documents for secure delivery over the Internet.

If widely adopted, digital signatures could dramatically increase public confidence in the security and privacy of the Internet, opening the way for much wider use of the Internet to conduct financial transactions and transmit other sensitive data.

Initially, the USPS digital signatures will be available only to federal employees, but eventually the Postal Service hopes to sell digital signatures to the public, said Stephen Kearney, senior vice president for corporate and business development.

In mid-March, the Postal Service plans to make digital signatures available to federal employees through 46 East Coast post offices. The first users are expected to be employees at renal dialysis centers who process claims for the Health Care Financing Administration.

The Social Security Administration also wants digital signatures to protect eligibility information it receives from states, Kearney said.

Eventually, the Postal Service hopes to sell digital signatures to anyone who wants them. Uses may range from transmitting legal documents to sending union votes over the Internet.

To buy a digital signature, Postal customers would enroll online, receive a form in the mail, go to the post office with a photo identification and two other forms of identification and then receive an e-mail with instructions on how to download the digital signature. The signature can then be stored in a smart card on a computer hard drive.

The Postal Service would serve as the "certification authority" assuring that the holder of the digital signature has adequately proven his identity.

Digital signatures serve as the electronic equivalent of a handwritten signature, asserting the authenticity of an electronic message. But they also do more. When applied to an electronic document, the signatures encrypt the document so that it cannot be changed or read by anyone except a recipient with the proper key to decipher it.

Thus, digital signatures are expected to reassure users that financial transactions, contracts, medical records and other sensitive documents can be safely sent over the Internet.