Monday, 12 March 2007

Stronger Online Security: Extended Validation (EV) SSL Certificate standard

As on-line consumers, most of us are accustomed to shopping on-line. When shopping on-line, most consumers look for websites that use SSL encryption to protect order forms that require credit card numbers and other personal information. In most web browsers, a padlock icon indicates that the web page we are visiting, perhaps an order form, encrypts the data sent between the website and our computer's web browser.

In order for SSL to work on our computers, most web browsers have built-in certificate authority (CA) certificates that work with the remote website to verify its authenticity and ensure the data connection between the remote website and our computer's web browser is secure (i.e. encrypted). 

One reason consumers have been fooled by fake websites pretending to be major sites, such as on-line banks, is the relative ease with which fraudsters have obtained SSL certificates. Thus we were ushered into the age of phishing emails and fake websites that have many times fooled consumers into divulging personal information such as passwords, credit cards, and more. Consumers don't realize how easy it has been for anyone running a website to get an SSL Certificate.

In the past few months the Certification Browser Forum (CA/Browser Forum) has developed working guidelines for a new standard in SSL Certificates, to be created and supported across CAs and web browser publishers. The Extended Validation (EV) SSL Certificate standard has emerged as a result of this work.

The cornerstone of the EV SSL Certificate standard lies in the much stricter, industry-accepted validation process for ensuring the integrity of the organizations to whom the EV SSL certificates are granted.

To learn more about the requirements organizations will need to complete to be eligible to receive SSL Certificates, please visit:  http://www.cabforum.org/vetting.html.

EV SSL Certificates won't eliminate the need for consumers to be diligent about their on-line security practices. End point security solutions are only as strong as the commitment of people and the good use of technology. Let's hope the EV SSL Certificate standard helps slow down the pace of on-line scams and identity theft. Still, if history teaches us anything, eventually someone will try to find a way around this good step in ensuring on-line safety and security.
