Confidentiality can be achieved in several ways. The two most common are steganography and encryption . Steganography is the process of putting a message inside another message in such a way that observers do not know that its there. For example, modifying the low-order bits in an image to transmit a message does not interfere with viewing the image, and the presence of the message is difficult to detect. While steganography has some interesting uses, it cannot serve as the basis for confidentiality in an enterprise identity system.

Encryption is the process of transforming a message using a key so that anyone viewing the message without the key cannot determine its contents. Cryptography is the basis for the technologies, such as digital certificates, that provide properties like integrity non-repudiation and confidentiality. While digital certifications and cryptographic issues are by no means the answer to the problems of identity in and of themselves, they are an important tool for solving some critical identity problems. Understanding digital identity requires at least a passing understanding of the technology, processes, and politics surrounding cryptography and digital certificates.