Extended Validation (EV) | Extended Validation (EV) |
|
|
|
Protect the good reputation of your enterprise and your customers with SwissSign Extended Validation certificates, which you will soon be able to obtain here! EV in a Nutshell EV certificates are used to ward off security risks in the Internet. An EV certificate contains checked information about the legal entity behind a website and allows the user to see with whom a transaction is being handled. Since the examination process for all issuing certification authorities (CAs) is the same, users have greater confidence in websites where an indication of such an EV certificate is visible in the browser. What are EV certificates and what are they used for? Forged e-mails and malicious websites guide users to fraudulent Internet locations. Through the theft of personal user information, they are responsible for decreasing of confidence in on-line transactions and influence the capabilities of companies to communicate with their customers and function commercially. Such security gaps not only threaten a user’s private sphere, they also are increasingly a danger for a company’s data, infrastructure, and – even worse – good reputation. Previously, all website security was oriented to the safe transmission of data. Companies used secure sockets layer (SSL) certificates to secure communication channels. Such SSL certificates make it possible for the user to see who owns the website and receive information about the certificate holder, the country and the domain for which the certificate was issues. In short: The certificate is used to encrypt communications and identify the website. Some time ago, cyber-criminals managed to obtain valid SSL certificates and thus create a fake secure environment for users. The golden lock symbol is still very important for the identification of a website, but it alone is no longer sufficient for secure Internet transactions. In order to confront this danger, SwissSign is currently developing Extended Validation (EV) SSL certificates, which offer users a higher level of security. The CA/B Forum, a consortium of certification providers, browser manufacturers and audit enterprises, has passed formal guidelines to guarantee a uniform practice in the issuing of such EV certificates. The CAs will be audited annually by an outside, independent firm. This will ensure the integrity of each EV SSL certificate issued. Thanks to these control mechanisms, EV certificates are also supported by the leading non-profit organizations in the area of Internet security. These include, among others, the Authentication & Online Trust Alliance (www.aotalliance.org) and the Merchant Risk Council (www.merchantriskcouncil.org). This is a standardized process to which every CA must comply that would like to publish this new type of SSL certificate. This process not only helps hinder the publication of certificate on fraudulent websites, it also furthers consistency and thus helps companies protect their brands and reputation against hijacked and imitation websites. The benefits companies derive from EV certificates are:
Do EV certificates suit your needs? EV SSL certificates are suited for companies and brands, which do business online and would like to protect their good name from abuse. How do I recognize an EV certificate? When an EV certificate is present, Windows Internet Explorer 7 shows a visual trust indicator. This is an icon with a key and a green bar, the name, country and address of the company. Please look for the following features:
Users can easily view more information via the security status bar (see the illustration below). If you hover over the security status bar with your mouse, a pop-up window opens with further information about the EV SSL certificate. If you click on the security status bar, a security report with further information about the certificate is shown. 
|