Q: What is SSL?
A: Secure Sockets Layer (SSL) is the standard security technology for creating an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browser remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers. In order to be able to generate an SSL link, a web server requires an SSL Certificate.
When you choose to activate SSL on your webserver you will be prompted to complete a number of questions about the identity of your website (e.g. your website's URL) and your company (e.g. your company's name and location). Your webserver then creates two cryptographic keys - a Private Key and a Public Key. Your Private Key is so called for a reason - it must remain private and secure. The Public Key does not need to be secret and is placed into a Certificate Signing Request (CSR) - a data file also containing your details.
Your webserver will match your issued SSL Certificate to your Private Key. Your webserver will then be able to establish an encrypted link between the website and your customer's web browser.
In this context, SSL can be thought of as the security "platform" for e-commerce.
Q: Why are High Assurance SSL certificates the Standard for establishing Trust in e-business?
A: Safety on the net is essential, but most consumers don't know how to tell a secure site from one that is not. They do, however, know to look for a padlock, which is the sign of the site being SSL-secured. A site that does not show an SSL Certificate is not likely to do much e-commerce business.
Q: What is an EV (Extended Validation) SSL certificate?
A: Extended Validation or EV SSL certificates are the next generation SSL certificate because they work with high security Web browsers to clearly identify a Web site's organizational identity. For example, if you use Internet Explorer 7.0, Firefox 3.0 or Opera 9.5, the address bar will turn green to identity this site as having an EV SSL certificate. It will also display the padlock as an icon of trust. However, the address bar will not turn green if the website does not have an EV SSL certificate.
Q: Is Extended Validation a new Standard?
A: Yes, it has been introduced to protect your website against phishing and other fraudulent activities in the online world. Since most Internet crimes rely on false identity, EV certificates require that organizations go through a rigorous validation process that meets the Extended Validation guidelines established by the CA/Browser Forum to combat these threats. In addition to confirming domain name ownership, the process includes authenticating the authority of the contact person requesting the certificate, verification of the business with government or third party business registries, and other methods to assure the legal and physical existence of the business.
Q: What kind of Information does the Extended validation SSL certificate display?
A: Identity confirming company information will include, but is not limited to: company name, domain name, government business registration number, business address.
Q: Why has this become necessary?
A: Unfortunately, not all SSL certificates are equal. Until now, consumers could not easily tell the difference between SSL certificates that provide extensive identity authentication from certificates that provide only domain validation with virtually no identity verification. It became necessary to give consumers the means to do intelligent risk assessment about with which online merchants they will transact business. Consumers need to verify the identity of online businesses, not just their domain names.
EV SSL certificates are the most technologically advanced SSL certificates from Comodo for allowing your customers to verify your identity. Comodo has positioned itself to help e-merchants become trusted by their customers through Comodo's EV SSL certificates.
Q: Who is defining the new guidelines for these Extended Validation SSL Certificates?
A: The guidelines for the new EV SSL certificates are being defined in an industry-wide association called the CA Browser Forum. Comodo saw the upcoming need for defining an industry wide standard and initiated the CAB Forum in May 2004. Forum members are browser companies including Microsoft, Mozilla, Opera and Konqeurer (KDE) in partnership with Certificate Authorities including Comodo, VeriSign, RSA, with participation from other organizations representing banking and lawyer associations.
Q: Terms like "High Assurance", "Extended Validation", "Domain only", "Low Assurance" and "Enhanced Validation" are all being used in describing different types of SSL certificates. What's the difference between these SSL certificates?
A: The main difference between all these certificates is the level of identity verification as follows:
- "Domain only" certificates, also known as "low assurance" certificates, only verify domain ownership. These are certificates most often sold by GeoTrust and GoDaddy. Unfortunately, these certificates provide virtually no identity assurance whatsoever since domain purchasing requires no identity verification.
- "High Assurance" certificates refer to certificates that include identity validation from a Certification Authority using currently established and accepted vetting processes. These SSL certificates are seen as significantly superior to domain only SSL certificates because users can trust that an objective third party - a certification authority, has verified the identity of the website.
- "Extended Validation" (EV) SSL certificates are the newest option for E-merchants as these certificates require the most stringent verification processes as outlined in the guidelines developed by CA/B Forum. The advantage of these the next generation high assurance SSL certificates is that these certificates work with the new security browsers to include a new visual indicator that confirm the site's identity.
Q: How will Extended Validation SSL certificates increase consumer confidence?
A: High profile incidents of fraud and phishing scams have made Internet users very concerned about identity theft. Before they enter sensitive data, they want proof that the website can be trusted and their information will be encrypted. Without it, they might abandon their transaction and do business elsewhere. EV SSL Certificates provide third-party verification using a highly visual display that gives consumers confidence and builds trust in e-commerce.
Q: How is a consumer expected to distinguish between the different type of SSL certificates?
A: The presence of a verifiable High Assurance SSL certificates provides reassurance to consumers. Low assurance certificates, by contrast, are not inherently trusted by browsers and will cause some browsers to display "warning messages" informing the user that the certificate has not been issued to a verifiable entity. Loss of trust equals loss of sales whereas increased trust results in increased sales.
Q: What are the benefits of Extended Validation SSL certificates to Web site owners?
A: An EV SSL Certificate helps visitors complete secure transactions with confidence because your site has the "green bar" in IE 7.0, Firefox 3.0 or Opera 9.5 browsers whereas your competitor's site does not. You appear to be more trusted and more legitimate. That's a competitive advantage that translates into higher conversion and more revenue. And it's why you are in business.
Q: Why do I need an EV Certificate on my site?
A: Today's fastest growing threat is phishing, where a fraudulent web site impersonates a legitimate business to attract unsuspecting visitors into divulging personal information. The increasing awareness to this problem has caused consumers to not trust buying online.
To stem this erosion of trust, EV SSL certificates, for the first time, let customers visibly see that they are doing business with an identity verified business. Using an EV SSL certificate will assure them that your website really is who it claims to be. (Now verifiable directly by the browser)
Q: Why does the whole high or low assurance matter to my customers?
A: Online businesses need a way to make customers feel as comfortable buying online as they would if they were making a purchase in a store. With the release of web browsers such as Internet Explorer 7.0, Opera 9.5 and Firefox 3.0 that displays a green address bar of a EV SSL secured site, a visitor can easily verify your identity. While your customers might not know the difference now, once IE 7.0 is out more and more web visitors will want to verify your identity - either with a High Assurance SSL certificate or with the new EV SSL certificate. Be sure your site does not lose sales because of the new browser displays.
Q: Will I be able to upgrade my existing Comodo High Assurance SSL certificate to get a green bar in the Browser?
A: Sure. Comodo can offer you a quick migration path from your existing High Assurance SSL certificate. So submit your contact information and we will contact you shortly or call + 1.888.266.6361 or + 1.703.581.6361.
Q: Are Extended Validation SSL Certificates available for purchase now?
A: Yes and we are ready to help purchase these new EV SSL certificates now. Click Here to Buy EV SSL
Q: Is my existing High Assurance SSL certificate still sufficient for protecting online transactions?
A: SSL certificates will continue to provide security encryption to make sure that data being transferred between your website and the browser can not be stolen And, your current high assurance SSL certificate will continue to be viewed as an identity assurance certificate far superior to low assurance or domain only validated certificates. What varies is the level of identity assurance that comes with these SSL certificates The new EV certificates provide a browser based confirmation only to users who have the new browsers. However, today and in the future, your high assurance SSL certificate still provides excellent identity assurance to users who do not have the "EV enabled" browsers yet.
To learn more about EV SSL certificates, please call + 1.888.266.6361 or + 1.703.581.6361.