|
|
|
|
|
Customer Support:
Welcome to the Client Services Center
|
|
|
|
|
|
|
|
Support Overview
Knowledge Base
Submit a Case
Support Portal
Site Seals
Reissuance/Replacement
EV Directory
Refund Policy
European Customers
|
|
|
|
Frequently Asked Questions
What is Extended Validation SSL?
The explosive growth in phishing attacks and other fraudulent web activity has eroded consumer confidence in doing business online. According to Gartner, nearly $2 billion in e-commerce sales were lost in 2006 due to security concerns by consumers.1 Extended Validation (EV) is the Internet security industry’s answer to this problem. It is a new, more stringent digital certificate standard for web site identity authentication. EV SSL Certificates combine the encryption power of traditional SSL Certificates with a new strict vetting process for establishing the true identity of a web site. New high-security browsers display EV SSL Certificates to end users in a highly visible manner. A recent study by Tec-Ed found that 100% of users expected to notice when sites display the distinctive interface features of EV.2
Who created the EV standard and why did they create it?
The CA/Browser Forum, a consortium of browser manufacturers and Certification Authorities, along with members of the American Bar Association Section of Science and Technology Law’s Information Security Committee and the Canadian Institute of Chartered Accountants developed the Extended Validation SSL Certificate standard.
This group of concerned industry experts created Extended Validation SSL to help protect consumers from the sharply rising incidence of Internet fraud. Consumers are especially concerned about phishing attacks - counterfeit web sites masquerading as legitimate sites in order to mine sensitive personal data that can be used to perpetrate identity theft. Any web site secured with an EV SSL Certificate demonstrates that it has passed a rigorous set of identity verification procedures. Additionally, in new high-security browsers, the browser interface triggered by an EV SSL Certificate clearly displays the name of the organization owning the web site so consumers know they are on the actual web site they intended to visit and not a fraudulent phishing site.
What is special about EV and why is it better?
EV SSL Certificates are the first SSL Certificates to meet an industry standard for a strict level of identity authentication. Traditional SSL Certificates have ranged from strong to weak to no identity authentication depending on the specific certificate offering. This has made it difficult for the end user to understand the level of assurance they receive when visiting a web site secured with an SSL Certificate. Self-signing and weak authentication have opened the door to questionable or sometimes downright fraudulent web sites being secured by SSL Certificates. Until now there was no way for an end user to immediately see upon visiting a web site that it has met high standards for identity authentication.
The Extended Validation standard created a new high level baseline for identity authentication and it introduces a new, more visible user interface to immediately alert consumers when they visit a web site secured with an EV SSL Certificate.
Only CAs who pass an annual WebTrust audit confirming their compliance with the EV procedural standards may issue EV SSL Certificates. Any company who receives an EV SSL Certificate must pass a rigorous vetting process to confirm the genuine identity of their web site. These standards are designed to be very difficult to spoof so a consumer visiting an EV secured web site can feel comfortable that they have reached the genuine site they intended to visit.
Finally, special user interface features in new high-security browsers, such as Microsoft Internet Explorer 7 and upcoming releases of Firefox and Opera, immediately and very visibly provide end users clearer information regarding the certificate status of the web site they are visiting if that web site is EV certified.
The assurances provided by EV should increase consumer confidence in an EV-secured web site. This bolstered consumer confidence should increase the number of completed transactions experienced by the web site resulting in a boost to business.
What will end users visiting an EV secured web site experience?
New high-security browsers, such as IE7 and upcoming releases of Firefox and Opera, include special user interface features when the end user visits a web site secured with an EV SSL Certificate.
In IE7 the address bar immediately turns a highly visible green color when an EV SSL Certificate is recognized. In addition to the color change, the gold padlock and a field to the right of the URL appears. This security status bar displays the name of the organization that owns the web site. Upon first arriving at the site, the user will see this field scroll to show the name of the CA who has issued the EV Certificate, thereafter a click of the mouse on the field will toggle the display between the owning organization and the issuing CA.
Green is a highly effective color. To the consumer green means go, the way is safe. A 2007 Tec-Ed survey showed that 93% of users preferred to shop on a site that displays the green address bar.3
Who is eligible for EV?
The current identity vetting process established by the CA/Browser Forum requires all organizations applying for an EV SSL Certificate to be listed in an official registry in their area of jurisdiction. Government agencies, corporations, general partnerships, unincorporated associations and sole proprietorships with valid charters, certificates, licenses or equivalent documents are eligible to receive EV SSL Certificates. The registration status must be verifiable through the registration bureau. The individual ordering the EV SSL Certificate on behalf of the organization must hold verifiable employment with the company and the authority to place the order. No organizations located in interdicted countries or included under a prohibited list such as an embargo restriction may receive an EV SSL Certificate.
How do I get EV?
- Complete an electronic EV certificate request and obtain a GeoTrust Order ID.
- Have the Organization's certificate approver (identified in the EV certificate order) sign and submit the appropriate Acknowledgement of Agreement form.
- For faster order authentication, complete and submit the appropriate Lawyer Opinion's letter.
- Review all other authentication requirements to ensure your order can be expediently processed. View our authentication and verification processes at: http://www.geotrust.com/ev/index.html.
Can I upgrade my current SSL Certificate to EV?
Yes, you can easily upgrade when your certificate comes up for renewal. You will need to complete the more extensive authentication procedures required by EV in order to receive the new certificate. If you would like to change to an EV Certificate before your current certificate comes up for renewal you should submit a case to GeoTrust customer support at http://www.geotrust.com/support/index.asp.
What is EV Upgrader™?
When you buy True BusinessID® with EV you also get EV Upgrader™, the first technology to enable all IE7 on Windows XP clients to display the green address bar when they visit a web site authenticated by a GeoTrust EV SSL certificate. The EV Upgrader from GeoTrust automatically turns on all EV interface functionality, including the green address bar and security status bar, by prompting a root update to IE7 Windows XP clients. Without EV Upgrader, only IE7 clients on Windows Vista automatically receive the root update from Microsoft that enables them to experience the benefits of EV SSL.
1 2007, Gartner, Inc.
22007, Tec-Ed, Inc.
32007, Tec-Ed, Inc.
|
|
|
|
|
|
|
|
|
|
|
