 |
|
 |
 |
Company
> Newsletters
>EV SSL, pg. 2 of 3
Page
1
2 3
What about the SSL certificate I currently have?
If
you currently have an SSL Certificate with "Identity Assurance
Protection" or a "High Assurance" SSL Certificate, you may have
thought that you had the protection necessary to convince your visitor that
your site is a legitimate business.
With
so many issuers of certificates, though, the highest levels of identity
assurance were not necessarily applied by all certificate authorities.
Allegedly, some authorities did not even verify the identity of the online
business before issuing the certificate.
So,
it's possible that the phishers may have been able to acquire and install
these certificates on their fraudulent sites.
What Exactly is an EV SSL?
The
key to a successful phishing attack is getting you to visit a fraudulent web
site that appears legitimate and trick you into providing confidential
information. This allows them to gather information about you. The EV SSL
certificate provides a greater level of identify verification to ensure that
the Internet user is actually at the real company's Web site.
Per
the authoritative agency for establishing SSL certificate guidelines, here's specifically what an EV SSL certificate will
verify:
(1)
The website the user is accessing is controlled by a specific legal entity
identified in the EV Certificate by name, address of Place of Business,
Jurisdiction of Incorporation, and Registration Number; and
(2)
Enable the encrypted communication of information over the Internet between
the user of an Internet browser and a website.
And, according to the CA/Browser Forum, if your company is a
sole proprietorship or partnership, you cannot get an EV SSL.
How Do I Upgrade . And Is There A
Cost?
You'll
want to contact the issuer of your current certificate for all information
about upgrading and costs involved. As of this writing, not all issuers have
made EV SSL's available yet.
What
Happens if I Don't Upgrade?
If
you choose not to, or are unable to upgrade, your site will still be
considered secure under the existing SSL framework. However, your visitors
will not receive a green address
bar in their browser, when navigating your secure pages.
Does
it really matter? Time will tell. If the CA/Browser Forum and the
certificate issuers begin to strongly publicize the benefit of the EV SSL
certificate to web shoppers, we may reach a time when shoppers will view
anything but a green address bar with an eye of skepticism.
While studies
have shown impacts on conversion due to small changes in images, copy and colors on pages, it's
likely that at some
point not having an EV SSL could negatively impact your web sales.
|
|
|
|
 |
 |
|
 |
|
|
