What is Extended Validation SSL?
The explosive growth in phishing attacks and other fraudulent web activity has eroded consumer confidence in doing business online. According to Gartner, nearly $2 billion in e-commerce sales were lost in 2006 due to security concerns by consumers.1 Extended Validation (EV) is the Internet security industry’s answer to this problem. It is a new, more stringent digital certificate standard for web site identity authentication. EV SSL Certificates combine the encryption power of traditional SSL Certificates with a new strict vetting process for establishing the true identity of a web site. New high-security browsers display EV SSL Certificates to end users in a highly visible manner. A recent study by Tec-Ed found that 100% of users expected to notice when sites display the distinctive interface features of EV.2
It is simple thing to tell if a website supports the new security standard.
In IE7 the address bar immediately turns a highly visible green color when an EV SSL Certificate is recognized. In addition to the color change, the gold padlock and a field to the right of the URL appears. This security status bar displays the name of the organization that owns the web site ScaleSolutionsLLC.com. Upon first arriving at the site, the user will see this field scroll to show the name of the CA who has issued the EV Certificate, thereafter a click of the mouse on the field will toggle the display between the owning organization and the issuing CA.
The Extended Validation SSL standard sets the bar for SSL Certificate authentication higher than ever before in order to inspire more confidence and trust in Internet users. The standard mandates an extensive process for confirming the identity and business legitimacy of a certified web site. This means ScaleSolutionsLLC.com is a real business and a leader in our field for providing security for our customers on the Internet.
Green is a highly effective color. To the consumer green means go, the way is safe.
What is special about EV and why is it better?
EV SSL Certificates are the first SSL Certificates to meet an industry standard for a strict level of identity authentication. Traditional SSL Certificates have ranged from strong to weak to no identity authentication depending on the specific certificate offering. This has made it difficult for the end user to understand the level of assurance they receive when visiting a web site secured with an SSL Certificate. Self-signing and weak authentication have opened the door to questionable or sometimes downright fraudulent web sites being secured by SSL Certificates. Until now there was no way for an end user to immediately see upon visiting a web site that it has met high standards for identity authentication.
The Extended Validation standard created a new high level baseline for identity authentication and it introduces a new, more visible user interface to immediately alert consumers when they visit a web site secured with an EV SSL Certificate.
Only CAs who pass an annual WebTrust audit confirming their compliance with the EV procedural standards may issue EV SSL Certificates. Any company who receives an EV SSL Certificate must pass a rigorous vetting process to confirm the genuine identity of their web site. These standards are designed to be very difficult to spoof so a consumer visiting an EV secured web site can feel comfortable that they have reached the genuine site they intended to visit.
Microsoft IE7 supports Extended Validation SSL. Other popular Internet browsers, such as Firefox and Opera, have announced that they will be supporting Extended Validation SSL in future releases. The green address bar interface will function automatically on Windows Vista client systems running IE7 with Microsoft's recommended default configuration settings.
| 
