Network Solutions

Extended, Valid SSL Certificate

Internet Security Learning Center

Helping to keep your web site secure

Learn how to secure your Small Business Web site from threats and how to create trust and increase confidence in your e-commerce offerings by using SSL Certificates, Site Seals, privacy policies, and copyrights and trademarks.

Home  |  Internet Security Glossary  |  Site Map

Search:

Home > Web Security > Extended Validation Certificates: The Next Level of Security

Extended Validation Certificates: The Next Level of Security

 

Introduced in early 2007, Extended Validation (EV) Certificates represent the first major update of the Secure Sockets Layer (SSL) Certificate validation process in a decade. They require substantial changes to the methods by which the authenticity and identity of online businesses are confirmed, helping consumers determine which Web sites are legitimate businesses having verifiable credentials.

SSL Certificates perform two tasks:

  • They assure customers that a Web site is legitimate and that the online business running the site is a real licensed business.
  • They encrypt data transferred between a customer's Web browser and the online business to help prevent theft of sensitive information such as credit-card numbers, account numbers, and passwords.

The certificates are issued and validation assured by third-party companies called Certificate Authorities (CA). When a properly issued SSL Certificate is present on a Web site, the site visitor's Web browser shows a closed padlock and an "https" in front of the Web address.

Although many CAs already perform rigorous checks to validate the legitimacy of applicants' businesses, Extended Validation Certificates standardize the validation system used by all CAs. Today, different CAs currently employ different types or levels of authentication when using non-EV certificates, creating vulnerabilities that have been exploited for identity theft, fraud, and other online crimes. By contrast, EV Certificate validation procedures calls for all CAs to require applicants to supply the same documentation and verify legitimacy using a prescribed set of sources and methods.

As their name indicates, EV Certificates demand that CAs perform a more extensive validation process. To obtain an EV Certificate, applicants have to provide CAs with more information about their business and the CAs have to verify the accuracy of the data through additional sources, including in some cases on-site visits to the applying business.

In addition to resolving the variations in validation procedures, EV Certificates take advantage of the enhanced security features of the next generation of browser software. Consumers who visit EV-protected Web sites using next-generation browsers such as Microsoft's® Internet Explorer 7™, for example, experience both higher levels of validation security and a new visual indicator that a site's identity has been validated and its security assured: Namely, the browser address window turns green when a secure, officially validated connection has been established.

Like sites using other types of SSL Certificates, those with EV Certificates continue to display the locked padlock icon and an "https" prefix to signal a secure connection.

Based on an industry-wide standard, EV Certificates were developed by a group called the CA/Browser Forum, consisting of the leading providers of Internet browsers and SSL Certificates, such as Network Solutions®. Eligibility for EV Certificates is initially restricted to corporations, but EV Certificates are quickly expected to become the standard for online authentication and should, over the following months, be extended to additional types of online businesses.

The Bottom Line: Network Solutions is a leading provider of Extended Validation SSL Certificates. To learn more about Network Solutions EV SSL Certificate services or to purchase your EV SSL Certificate today, please visit our SSL Certificates Product Page.