Digital Certificates—An Overview

The use of some form of physical documentation to achieve authentication has been in existence for a long time. For example, when you write a check and the merchant asks to see your driver's license, the license is being used to increase the merchant's confidence that you are who the check indicates you are. In this case the merchant trusts that the state that issued you the license did an adequate job of verifying your identity. Another example is your use of a passport when traveling. The customs official who looks at your passport and then accepts it as proof that you are who you say you are trusts that your government did an adequate job of identifying you before issuing you a passport. Notice that in both examples there has to be a level of trust in the certifying authority.

This same concept has been applied to the authentication of persons and entities on a digital communications network. The documents that provide authentication of persons and entities on a network are called digital certificates, commonly shortened to just certificates. Using certificates on a network is more complex because the communicating parties will most likely never physically meet, so a method must be worked out to maintain the necessary level of trust. Additionally, it is much easier on a network for unethical people to intercept messages and pretend to be someone who they are not. To prevent these kinds of problems, cryptographic techniques are used on a certificate to make it very difficult, if not impossible, for someone to modify it such that he or she can impersonate someone else.

Digital certificates have one other unique characteristic. They contain the public key of the person or entity to whom the certificate is issued. For more information on the use of public-key cryptography, see Generating Cryptographic Keys.
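The following Go program is an added example, not part of the original overview and not code from any certificate library's documentation. It builds the two parties of the analogy in memory using only Go's standard library: a certifying authority that issues a certificate binding a name to a public key, and a relying party (the merchant or customs official) that decides whether to accept it. Every name in it is constructed for the demonstration ("Example Demo CA", "Unrelated CA", "alice@example.test"), as are the helper functions. It shows the three points of the text in running code: the certificate carries the subject's public key, a certificate only verifies against a certifying authority the relying party has chosen to trust, and changing even the letter case of the name inside the signed bytes invalidates the issuer's signature, which is what makes impersonation by editing a certificate impractical.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// subjectName is a constructed identity for the demo; it refers to no real person.
const subjectName = "alice@example.test"

// newCA builds a self-signed certifying-authority certificate and its private key in memory.
func newCA(name string, serial int64) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	// The template is both subject and issuer, so the CA signs its own certificate.
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// newSubjectKey generates the subject's key pair; only its public half goes into the certificate.
func newSubjectKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// issueCert is the CA's act of certification: it signs a certificate binding subjectName to the subject's public key.
func issueCert(ca *x509.Certificate, caKey *ecdsa.PrivateKey, subject *ecdsa.PrivateKey) ([]byte, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: subjectName},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	return x509.CreateCertificate(rand.Reader, tmpl, ca, &subject.PublicKey, caKey)
}

// verifyAgainst plays the relying party: it accepts certDER only if the issuer's signature
// over the certificate body checks out and the issuer is the root this party trusts.
func verifyAgainst(certDER []byte, trustedRoot *x509.Certificate) error {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil {
		return err
	}
	roots := x509.NewCertPool()
	roots.AddCert(trustedRoot)
	_, err = cert.Verify(x509.VerifyOptions{Roots: roots})
	return err
}

// tamperSubject models an attempt to alter a certificate: it upper-cases the subject name
// inside the DER bytes, which keeps the encoding parseable but changes what the CA signed.
func tamperSubject(der []byte) []byte {
	return bytes.Replace(der, []byte(subjectName), bytes.ToUpper([]byte(subjectName)), 1)
}

// certCarriesKey reports whether the public key embedded in the certificate is the subject's own.
func certCarriesKey(certDER []byte, subject *ecdsa.PrivateKey) (bool, error) {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil {
		return false, err
	}
	return subject.PublicKey.Equal(cert.PublicKey), nil
}

func main() {
	// Setup errors are ignored in this demo; key generation is their only source.
	ca, caKey, _ := newCA("Example Demo CA", 1)
	unrelated, _, _ := newCA("Unrelated CA", 3)
	subject, _ := newSubjectKey()
	certDER, _ := issueCert(ca, caKey, subject)
	carries, _ := certCarriesKey(certDER, subject)
	fmt.Println("certificate carries subject's public key:", carries)
	fmt.Println("genuine certificate, trusted CA:  ", verifyAgainst(certDER, ca))
	fmt.Println("genuine certificate, unrelated CA:", verifyAgainst(certDER, unrelated))
	fmt.Println("tampered certificate, trusted CA: ", verifyAgainst(tamperSubject(certDER), ca))
}
```

The first verification returns nil and the other two return errors. The unrelated CA fails because the relying party's trust store does not contain the issuer, which is the network equivalent of a merchant refusing a license from a state it does not recognise; the tampered copy fails even against the trusted CA because the signature was computed over the original bytes.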