Офіційні документи
|
| Показано 5 продуктов компании NetworkSolutions. |
| NetworkSolutions certificates. | Всего Сертификатов на 12 березня 2010р.: 5 | Цены указаны в * Грн. * Руб. Дол. Євро ( $1=8.6грн.) |
How Does an SSL Certificate Provide Website Security?
Ensuring website security and protecting the privacy of E-commerce customers doing business with you online is essential to establishing customer confidence and trust. That confidence and trust is established through securing communication between your customer's Web browser and your site, generally by way of a digital SSL Certificate. You can install an SSL Certificate yourself or one can be provided to you by your Web hosting provider or a third-party transaction-processing company.
Upon seeking to establish secure communications with your Web-based business (for example, when a consumer initiates an online purchase) the consumer's browser seeks to validate your Web site's authenticity by requesting an SSL certificate that verifies the identity of the Web site owner. Once that SSL certificate is recognized, a Secure Sockets Layer (SSL) connection is established for website security, encrypting data transmitted between you and the consumer including such information as credit-card and bank-account numbers.
Types of SSL Certificates
Online businesses may currently ensure website security by choosing between three types of SSL Certificates: Organizationally Validated (OV) SSL Certificates, Domain Validated (DV) SSL Certificates, and a third type of SSL Certificate, called Extended Validation SSL Certificates, which was introduced in early 2007. All SSL Certificates include data encryption and trigger the browser to display a closed padlock and the "https" prefix in the browser address window. However, not all provide the same level of validation that the bearer of the SSL Certificate is truly a legitimate business with a secure website.
- ORGANIZATIONALLY VALIDATED (OV) SSL CERTIFICATES: This level of SSL website security validation, currently offered by Network Solutions® and other certificate authorities (CAs), assures the validity of a Web site by verifying that the applicant is a legitimate business. Before issuing the SSL certificate, the CA performs a rigorous validation procedure, including checking the applicant's business credentials (such as the Articles of Incorporation) and verifying the accuracy of its physical and Web addresses. An Organizationally Validated SSL Certificate is an excellent website security option for any business conducting online transactions and accepting sensitive data, such as credit-card numbers, from customers
- DOMAIN VALIDATED (DV) SSL CERTIFICATES: The validation procedure is less rigorous for a Domain Validated SSL Certificate. When issuing a Domain Validated SSL Certificate, the CA checks only that the applicant's name and contact information matches the registration information in the WHOIS database for the domain name associated with the applied for SSL Certificate. Because CAs aren't required to validate the legitimacy of the applicant's business, Domain Validated SSL Certificates are a good choice for businesses where customers will not be transmitting sensitive data or are less concerned about website security issues like identity assurance.
- EXTENDED VALIDATION (EV) SSL CERTIFICATES: This newest level of Certificate validation is also available from Network Solutions. Introduced in early 2007, Extended Validation SSL Certificates are the first SSL Certificates to adhere to industry-wide certification guidelines established by leading Web browser vendors and Certificate Authorities, including Network Solutions. The Certificate application process itself is more thorough and the validation criteria more rigorous for EV certification, whose applicants, at least initially, are limited to certain types of business entities and government agencies. Among the new features of EV SSL Certificates is the color-coding of the Web browser's address bar to signal secure connections. The browser navigation window turns green to indicate an authentically validated site with an Extended Validation SSL Certificate, full website security, and encryption in place, and turns red when it encounters a known phishing or otherwise untrustworthy site.
At present, all businesses should consider trying to upgrade to EV SSL Certificates, assuming that they meet the validation requirements, since the EV SSL Certificate offers the
greatest level of website security on the SSL Certificate market today.
EV Certificates: The Next Level of Internet Security
Introduced in early 2007, Extended Validation Certificates (EV Certificates) represent the first major update of the Secure Sockets Layer (SSL) Certificate validation process in a decade. EV Certificates require substantial changes to the methods by which the authenticity and identity of online businesses are confirmed, helping consumers determine which Web sites are legitimate businesses having verifiable credentials.
An SSL Certificate performs two Internet security tasks:
- It assures customers that a Web site is legitimate and that the online business running the site is a real licensed business.
- An SSL certificate SSL encrypts data transferred between a customer's Web browser and the online business to prevent theft of sensitive information such as credit-card numbers, account numbers, and passwords.
The Internet security certificates are issued and validated by third-party companies called SSL Certificate Authorities (CA). When a properly issued SSL Certificate is present on a Web site, the site visitor's Web browser indicates Internet security with a closed padlock and an "https" in front of the Web address.
Although many SSL Certificate Authorities already perform rigorous checks to validate the legitimacy of applicants' businesses, EV Certificates standardize the validation system used by all CAs. Today, different CAs currently employ different types or levels of authentication when using non EV certificates, creating Internet security vulnerabilities that have been exploited for identity theft, fraud, and other online crimes. By contrast, the validation procedure for EV Certificates calls for all CAs to require applicants to supply the same documentation and verify legitimacy using a prescribed set of sources and methods.
As their name indicates, EV Certificates demand that CAs perform a more extensive validation process. To obtain EV Certificates, applicants have to provide CAs with more information about their business and the CAs have to verify the accuracy of the data through additional sources, including in some cases on-site visits to the applying business.
In addition to resolving the variations in validation procedures, EV Certificates take advantage of the enhanced Internet security features of the next generation of browser software. Consumers who visit EV-protected Web sites using next-generation browsers such as Microsoft's® Internet Explorer 7™, for example, experience both higher levels of validation security and a new visual indicator that a site's identity has been validated and its Internet security assured: Namely, the browser address window turns green when a secure, officially validated connection has been established.
Like sites using a different type of SSL Certificate for Internet security, those with EV Certificates continue to display the locked padlock icon and an "https" prefix to signal a secure connection.
Based on an industry-wide standard, EV Certificates were developed by a group called the CA/Browser Forum, consisting of the leading providers of Internet browsers and SSL Certificates, such as Network Solutions®. Eligibility for EV Certificates requires that you are either a government entity, corporation, unincorporated association, general partnership or sole proprietor. EV Certificates are expected to become the "gold "standard for online authentication.
|
