IdenTrust Global Common Certificates (IGC)

IdenTrust Global Common (IGC) Certificates are cross-certified with the U.S. Federal Bridge Certification Authority (FBCA), enabling trust and interoperability with a wide range of systems and applications. Each individual IGC Certificate includes both a certificate for authentication/digital signing and a certificate for encryption. The certificate pair enables a wide range of uses such as:


  • Authentication to networks and applications
  • Digitally signing Microsoft Office, Adobe, and other types of documents
  • Digitally signing online transactions
  • Digitally signing email
  • Encrypting email
  • Encrypting documents

The following IGC Certificates are available. If you are unsure of which certificate you need, please visit the IGC Learn Page or contact IdenTrust sales. If you know which certificate you need, simply select the appropriate “Buy” button and you will be taken immediately to the online registration pages.


IGC Basic Software Certificates

IGC Basic Software Certificates are compliant with U.S. FBCA Basic assurance level and are inclusive of LOA3 identity proofing and certificate delivery to your browser.

Step-by-Step Process

If you require affiliated IGC Basic Software Assurance certificates, please contact IdenTrust sales.

IGC Basic Assurance Certificates on Hardware

IGC Basic Hardware Certificates are compliant with U.S. FBCA Basic assurance level and are inclusive of LOA3 identity proofing and certificate delivery via your browser* to your choice of an IdenTrust-supplied hardware device. During the registration process, you will be prompted to select the type of device for storage of the private keys associated with your certificates. See IGC Hardware Options and Pricing further below for a description of hardware options available.

Step-by-Step Process

*Hardware certificates must be retrieved using Internet Explorer. Once retrieved, you may use your hardware certificate with any application that supports standard x.509 certificates.

If you require affiliated IGC Basic Software Assurance certificates, please contact IdenTrust sales.

IGC Medium Software Certificates

IGC Medium Software Certificates are compliant with U.S. FBCA Medium assurance level and are inclusive of LOA4 identity proofing and certificate delivery to your browser.

At the conclusion of the on-line registration process, you will be provided a forms packet for download that must be completed and returned to IdenTrust for certificate approval.

Step-by-Step Process

*Hardware certificates must be retrieved using Internet Explorer. Once retrieved, you may use your hardware certificate with any application that supports standard x.509 certificates.

IGC Medium Hardware Certificates

IGC Medium Hardware Certificates map to a U.S. FBCA Medium assurance level and are inclusive of LOA4 identity proofing and certificate delivery via your browser* to your choice of an IdenTrust-supplied hardware device. During the registration process, you will be prompted to select the type of device for storage of the private keys associated with your certificates. See IGC Hardware Options and Pricing further below for a description of hardware options available.

At the conclusion of the on-line registration process, you will be provided a forms packet for download that must be completed and returned to IdenTrust for certificate approval.

Step-by-Step Process

*Hardware certificates must be retrieved using Internet Explorer. Once retrieved, you may use your hardware certificate with any application that supports standard x.509 certificates.

IGC PIV-I Certificates

IGC PIV-I Certificates are compliant with U.S. FBCA PIV-I assurance level and are ideal for states, contractors, police agencies, first responders, or any entity where a high degree of identity assurance and both physical and logical interoperability are required. PIV-I credentials include biometric information that is collected during an in-person enrollment process. Biometric identity verification is required at the time of certificate retrieval/activation to an approved* PIV card via an approved* Card Management System (CMS) such as such as HID Global’s ActivID® CMS and Intercede® MyID®. IdenTrust supports multiple PIV-I deployment and enrollment options through IdenTrust’s PKI as a Service platform. Please contact IdenTrust IGC Sales for more information.

*PIV cards, CMSs and other related components used for IGC PIV-I issuance must be on the GSA Approved Products List (APL) and supported by IdenTrust.

IGC Medium Device Certificates

IGC Medium Device Certificates are compliant with U.S. FBCA Medium Device assurance level and are for use on servers for digital signing and encryption functions. While the technical process to obtain an IGC Device certificate is similar to that required to obtain common SSL certificates, these certificates require the individual obtaining them to first be a Subscriber of (hold) an IGC Medium Software Certificate. This ensures both the identity of the individual and the authorization of the individual by the organization to obtain an IGC Device Certificate at an assurance level equal to the Device certificate being sought.

As part of the application process, you will need to provide a Certificate Signing Request (CSR), aka PKCS#10. If you need instruction on generating a CSR, please visit our support page here: https://www.identrust.com/support/instruction/csr/index.html.

At the conclusion of the on-line registration process, you will be provided a forms packet for download that must be completed and returned to IdenTrust for certificate approval*.

*Helpful Hint – If you are not already a Subscriber of an Individual IGC Medium Software Certificate, both the Individual and Device Certificate processes currently require completion of an ID Form and signature in front of a Notary. To avoid two visits to a Notary:

  1. Apply for your Individual Medium Software Certificate (not the Device Certificate) using one of the IGC Medium Software buy links above. Download the forms package at the end of the process. It will have an ID Form in it.
  2. Download the forms packet for the Device Certificate. You can do this prior to applying for the Device Certificate. It will have an ID Form in it.
  3. Take both ID forms and required proof of identity to a Notary. You will need to sign the ID forms in the presence of the Notary.
  4. Immediately apply for the Device Certificate and return both completed forms packets, including company authorization forms to IdenTrust.

IGC Hardware Options and Pricing

As part of the on-line registration process for hardware certificates, IdenTrust provides an option to select hardware. All hardware offered by IdenTrust in conjunction with IGC Certificates is validated to FIPS 140-2 Level 2 or higher for cryptographic functions. With the exception of the Hybrid USB PKI/OTP Tokens, tokens and cards do not expire and may be used for an unlimited number of certificate renewals. Following are hardware options and pricing:

$65

USB Token

$50

Smart Card

$66

Smart Card plus USB Card Reader

$128

Hybrid USB PKI/OTP Token**

** Includes two years IdenTrust OTP authentication service

*Hybrid USB PKI/OTP Tokens are available only with IGC Basic Assurance on Hardware 2 Year Certificates. Due to battery life, these devices should only be used for one renewal. After four years of use, the device should be replaced.

For more information on the Hybrid USB PKI/OTP Token, please visit the Hybrid PKI/OTP FAQ.