| > | | | | SSL is used to validate the identity of the |
| SSL was originally developed as a secure | | | | e-commerce website so that the customers |
| communications protocol to protect consumers | | | | know for sure that their information won’t |
| from fraud in their online business transactions. | | | | be sent to some fraudulent website. Once identity |
| When it failed in the form of widespread phishing | | | | is established, SSL creates a secure connection |
| scams, a better method was needed to win back | | | | between the website and the customers. |
| customer confidence. The answer is EV SSL. The | | | | Websites are authenticated by their SSL |
| internet has revolutionized our lives by making | | | | certificates that are issued by a trusted company |
| billions of pages of information available to us. It | | | | known as a Certificate Authority or CA. One of |
| has changed the way we work, do business, | | | | the most trusted CAs in the world is Verisign. |
| entertain ourselves and shop for interesting | | | | Despite all its merits, SSL suffered from a serious |
| products. The internet has done away with | | | | flaw. Any website could sign its own SSL |
| physical boundaries by turning the whole world | | | | certificates and thus make itself appear genuine. |
| into a global marketplace. The amount of business | | | | The average internet user didn’t know |
| transactions involving credit card details and other | | | | much about distinguishing between self-signed and |
| sensitive financial information is staggering and | | | | CA-signed SSL certificates. This allowed fraudulent |
| numbers in the millions every day. It was | | | | websites to steal sensitive business information |
| understood long before the proliferation of | | | | from unwitting customers. The stealing of |
| e-commerce that the sensitive financial | | | | information in this way is referred to as a phishing |
| information of customers can easily be | | | | scam. |
| compromised as it passes through dozens of | | | | With the rapidly increasing incidences of phishing |
| computers all around the world to reach its | | | | scams, consumer confidence in online transactions |
| destination. To ensure the protection of this | | | | was dangerously eroded to the extent that online |
| sensitive information, a global standard for | | | | businesses began to suffer substantially. The |
| security was developed by the name of Secure | | | | Extended Validation SSL standard was developed |
| Sockets Layer or SSL. | | | | to win back consumer confidence through |
| SSL is a communication protocol that works by | | | | stringent certificate verification and visual display in |
| scrambling the sensitive data through a process | | | | highly secure internet browsers like IE7 and |
| called encryption. Encryption allows only the | | | | Firefox 3. When customers visit a website using |
| authorized parties to view the information. | | | | an EV SSL certificate, the URL address bar of the |
| Hackers and other criminals can still get their | | | | browser turns green indicating that the site can |
| hands on encrypted data but it is basically useless | | | | be trusted. The organizational identity and name |
| to them. To extract the original information from | | | | of the CA such as Verisign is also shown next to |
| the encrypted data, hackers have to use | | | | the green bar to further provide proof that the |
| brute-force decryption methods. Fortunately, | | | | website is not fraudulent. Since EV SSL |
| most secure websites support 128-bit SSL | | | | certificates can only be acquired from a |
| encryption. This encryption is strong enough so | | | | well-known CA, the chances of phishing scams |
| that it can take hundreds of years to decrypt it | | | | have greatly diminished and consumer confidence |
| through brute force methods. SSL promised to | | | | in online business transactions has been restored. |
| allow people to share their credit card details on | | | | All we need to do now to protect ourselves from |
| shopping websites and access their bank account | | | | phishers is to look for the green bar and |
| information without having to worry about their | | | | that’s it. |
| financial information getting into the wrong hands. | | | | |