Skip to main content

Choose

SAFE Identitycertificates are available in software (stored in your browser) and hardware (stored on a SAFE HID USB Token). 

A software certificate must be stored in the browser of the PC that you will use to transact business.  You may install your software certificate on multiple PCs in order for your certificate to be portable.  A software/browser certificate can optionally be set with a password, but a password is not required. 

A hardware certificate is stored in a USB token and can be used on any PC on which the USB software utility is installed.  This allows more portability of your certificate.  Additionally, a USB token is password protected and your certificate cannot be accessed without validation of that password.  This creates an extra layer of protection for your certificate.  A hardware certificate is a Medium Assurance certificate.

Some applications require that you use a certificate that is stored on hardware, because it offers more security.

IdenTrust recognizes that it is sometimes difficult to determine what certificate is best to meet your needs.  To help you with this process, IdenTrust has created our unique Certificate Selection Wizard which will help guide you through the process of selecting your certificate.  The wizard is based on what you consider to be your Buying Community or what type of user community that you are most associated with.  Examples of Buying Communities include users of DoD ECA Agency applications, EPCS prescribers, professional who need digital signing and sealing or those individuals who need a certificate for personal use. 

 

1.  Start by selecting a category from the My Buying Community or the Certificate menu.  Once you have selected a category that is most similar to how you will use your certificate, you can choose from various Learn More links to access additional details about certificates in this category and how to use them. 

 

2.  When you are ready to purchase your certificate, you simply select a BUY NOW button that will launch the wizard related to that specific Buying Community or Certificate type you have chosen.  An added bonus is that IdenTrust has worked with the government agencies and vendors that use our certificates and we have configured our wizard to only offer you the types of certificates that they will accept.  

 

3.  From there all you need to do is respond to the prompts and the wizard will assist you in finalizing your buying decision.  

 

With IdenTrust, choosing the best certificate is for you is as easy as 1, 2, 3! 

Digital certificates retrieved into a browser, also known as software storage certificates, are intended to be used mainly from a single computer. As no additional device is required, software storage certificates are relatively inexpensive.

Digital certificates retrieved into a portable hardware device such as USB token or Smart card, not only can be used from multiple computers, but also offer additional security via the built-in second factor authentication feature. Certificates stored in hardware devices can also be configured for Client Authentication for faster secure login sessions.

The decision to opt for a software storage or a hardware storage certificate is mainly predefined by the sponsoring organization (business); at an individual level, the applicant should weigh-in if the additional security and portability benefits are worth the hardware expense. 

Note: Be sure to check with your relying party or program to determine if it requires a specific type of storage:

  • Software
  • USB token
  • Smart card 

TrustID | Basic Assurance | Individual Identity | Software Storage Certificate:
Authenticates you in personal online transactions, access to specific restricted Web sites, and allows you to send and receive, sign and encrypt email communications, using this digital certificate.

The following certificate is stored on your PC browser for use on a single computer:

  • TrustID | Basic Assurance | Individual Identity | Software Storage

The following certificate is stored on a USB token or smart card, can be used from multiple computers and is AATL Enabled: create digital signatures that are instantly trusted whenever the signed document is opened in Adobe® Acrobat® or Reader® software and can be used to sign unlimited number of PDF documents:

  • TrustID | Medium Assurance | Individual Identity | Hardware Storage | Trusted by Adobe®

TrustID | Medium Assurance | Business Identity Certificate:
These are digital certificates for employees of companies that will authenticate the individual as an employee of that company.  When applying for this type of certificate, each certificate is only for one individual, not an entire company.

The following certificates are stored on your PC browser for use on a single computer:

  • TrustID | Medium Assurance | Business Identity | Software Storage
  • TrustID | Medium Assurance | Business Identity | Software Storage | Non-U.S.

The following certificates are stored on a USB token or smart card, can be used from multiple computers and is AATL Enabled: create digital signatures that are instantly trusted whenever the signed document is opened in Adobe® Acrobat® or Reader® software and can be used to sign unlimited number of PDF documents:

  • TrustID | Medium Assurance | Business Identity | Hardware Storage | Trusted by Adobe®
  • TrustID | Medium Assurance | Business Identity | Hardware Storage | Trusted by Adobe® | Non-U.S.

TrustID | Secure Email | Email Identity Certificate:
Authenticates that the email address in the certificate is owned and/or controlled by you; no individual or business identity is verified. Once approved, the certificate allows you to sign and encrypt email communications.

The following certificates are stored on your PC browser for use on a single computer:

  • TrustID | Secure Email | Email Identity | Software Storage
  • TrustID | Secure Email | Email Identity | Software Storage | Non-U.S.

The following certificates are stored on a USB token or smart card and can be used from multiple computers:

  • TrustID | Secure Email | Email Identity | Hardware Storage
  • TrustID | Secure Email | Email Identity | Hardware Storage | Non-U.S.

TrustID | IdenTrust TLS/SSL | Organization Identity | Organization Validated (OV) Certificate:
Authenticates a Web site or a network server using the Secure Socket Layer (SSL) or Transport Layer Security (TLS) protocols.

Visit our TrustID Products page for additional information.

IdenTrust offers two equivalent certificate types, which the IRS has approved to use for the FATCA program.


IdenTrust recommends using the FATCA Organization | Organization Identity | Software Storage certificates type since it was designed to provide an easier application and approval process. You should evaluate the information required for application and select the option that matches information you already have or can generate easily.

You may also select the FATCA | IdenTrust TLS/SSL | Organization Identity | Organization Validated (OV), which is the same certificate as our standard IdenTrust TLS/SSL | Organization Identity | Organization Validated (OV) certificate.


Our FATCA IRS Reporting Certificate Selection Wizard will assist you in choosing the best certificate to meet your needs.