The CryptoAPI private key in ABC's online banking is simply the password you set when downloading or re-importing the certificate. If the customer forgets this password and has backed up the certificate before, you can delete the original certificate and import it again. If there is no backup before, you can only go to the bank to reissue the certificate.

Certificates or digital certificates are the signs of customers' online transactions and business activities. Based on this certificate, data can also be encrypted and signed. Kbao certificate is stored in USBKEY medium, with built-in smart chip and special security area to store the private key of the certificate. The private key of Kbao certificate cannot be exported, so the backed-up file cannot be used, and the security is higher than that of browser certificate. Digital certificate is a kind of high-strength security authentication product provided by Agricultural Bank of China, and it is the only certificate for you to conduct transactions in online banking. Digital certificate combines high-intensity encryption algorithm and security authentication mechanism, which can effectively prevent transaction information from being illegally stolen and modified, and ensure your safe use of online banking.

Identity authentication of both parties to a transaction: authentication includes source authentication and entity authentication, that is, it is necessary to accurately identify the source of information and the identity of peer entities communicating with each other. Generally speaking, the bank website can verify the identity of the certificate holder, and customers can also verify the legality of the website through the website certificate.

Ensure the integrity of information: ensure that the received information is from the other party, and there is no disorder and tampering in the exchange process.

Confidentiality of information content: encrypt and protect the exchanged information, so that even if the third party intercepts the data, it can't read the information contained in it.

CryptoAPI is a set of functions that allow applications to encrypt or digitally sign data in a flexible way while protecting users' sensitive private key data. CryptoAPI uses two kinds of keys: session key and public key * * */private key pair. Session keys use the same encryption and decryption keys. This algorithm is faster, but the key must be delivered safely. The public key * * */private key pair uses a public key and a private key, the private key can only be used by special personnel, and the public key can be widely spread. If one of the key pairs is used for encryption, the other must be used for decryption. The public key * * */private key pair algorithm is very slow, and it is generally only used to encrypt small batches of data, such as encrypting session keys.