Online Security

Do You Need an EV Certificate?

Article Rating: 2 / 5 Votes: 47

Category: Online Security , Securing Your Website

Introduced in early 2007, Extended Validation Certificates (EV Certificates) represent the first major update of the Secure Sockets Layer (SSL) Certificate validation process in a decade. EV Certificates require substantial changes to the methods by which the authenticity and identity of online businesses are confirmed, helping consumers determine which websites are legitimate businesses having verifiable credentials.

An SSL Certificate performs two Internet security tasks:

  • It assures customers that a website is legitimate and that the online business running the site is a real licensed business.
  • An SSL certificate SSL encrypts data transferred between a customer's Web browser and the online business to prevent theft of sensitive information such as credit card numbers, account numbers, and passwords.

The Internet security certificates are issued and validated by third-party companies called SSL Certificate Authorities (CA). When a properly issued SSL Certificate is present on a website, the site visitor's Web browser indicates Internet security with a closed padlock and an "https" in front of the Web address.

Although many SSL Certificate Authorities already perform rigorous checks to validate the legitimacy of applicants' businesses, EV Certificates standardize the validation system used by all CAs. Today, different CAs currently employ different types or levels of authentication when using non EV certificates, creating Internet security vulnerabilities that have been exploited for identity theft, fraud, and other online crimes. By contrast, the validation procedure for EV Certificates calls for all CAs to require applicants to supply the same documentation and verify legitimacy using a prescribed set of sources and methods.

As their name indicates, EV Certificates demand that CAs perform a more extensive validation process. To obtain EV Certificates, applicants have to provide CAs with more information about their business and the CAs have to verify the accuracy of the data through additional sources, including in some cases on-site visits to the applying business.

In addition to resolving the variations in validation procedures, EV Certificates take advantage of the enhanced Internet security features of the next generation of browser software. Consumers who visit EV-protected Web sites using next-generation browsers such as Microsoft's® Internet Explorer 7™, for example, experience both higher levels of validation security and a new visual indicator that a site's identity has been validated and its Internet security assured: Namely, the browser address window turns green when a secure, officially validated connection has been established.

Like sites using a different type of SSL Certificate for Internet security, those with EV Certificates continue to display the locked padlock icon and an "https" prefix to signal a secure connection.

Based on an industry-wide standard, EV Certificates were developed by a group called the CA/Browser Forum, consisting of the leading providers of Internet browsers and SSL Certificates, such as Network Solutions®. Eligibility for EV Certificates requires that you are either a government entity, corporation, unincorporated association, general partnership or sole proprietor. EV Certificates are expected to become the "gold "standard for online authentication.

The Bottom Line: EV Certificates are the highest level of SSL Certificates on the market today and Network Solutions is a leading provider of them. To learn more about Network Solutions' nsProtect™ Secure EV SSL Certificate services or to purchase your nsProtect™ Secure EV SSL Certificate today, please visit our SSL Certificate Product Page.