We can purchase and configure a SSL for your site.
Types of Certificates are and a small explanation.
Today there are three types of certificates that offer 3 levels of user trust for SSL/TLS negotiations: Domain Validated certificates (DV), Organization Validated certificate (OV) and Extended Validation certificates (EV).
Domain Validated Certificate
Domain Validated certificates are certificates that are checked against domain registry. There is no identifying organizational information for these certificates and thus should never be used for commercial purposes. It is the cheapest type of certificate to get, but this is a high risk certificate use on a public website. It is comparable to the “hooded man” or the zero star rating sellers. Visitors to a website with DV certificates cannot validate, via the certificate, if the business on the site is legitimate and thus often DO NOT trust this type of certificate. It is recommended using these types of certificates where security is not a concern, such as protected internal systems. This is an example of a DV certificate via Internet Explorer:
Details of the certificate subject: CN = www.domain.com
Organization Validated Certificate
Organizational certificates are Trusted. Organizations are strictly authenticated by real agents against business registry databases hosted by governments. Documents may exchange and personnel may be contacted during validation to prove the right of use. OV certificates therefore contain legitimate business information. This is the standard type of certificate required on a commercial or public facing website. OV certificates conform to the X.509 RFC standards and thus contain all the necessary information to validate the organization. Details of the certificate via Firefox:
Details of the certificate: CN = www.domain.com, O = Company Name, OU = Information Technology, L = San Diego, S = California, C = US
Extended Validation Certificate
Nothing provides more trust and security than Symantec Extended Validation Certificates. It is used by most of the world’s leading organizations. They have found that switching from OV to EV certificates increases online transactions and improve customer confidence. It is no longer a luxury but a necessity. “An important motivation for using digital certificates with SSL was to add trust to online transactions by requiring website operators to undergo vetting with a Certificate Authority (CA) in order to get an SSL certificate. However, commercial pressures have led some CAs to introduce ‘domain validation only’ SSL certificates for which minimal verification is performed of the details in the certificate. Most browsers’ user interfaces did not clearly differentiate between low-validation certificates and those that have undergone more rigorous vetting. Since any successful SSL connection causes the padlock icon to appear, users are not likely to be aware of whether the website owner has been validated or not. As a result, fraudsters (including phishing websites) have started to use SSL to add perceived credibility to their websites.” – Wikipedia. EV certificates reinstate the trust users have for a secured web site. The criteria for issuing EV certificates are defined by the Guidelines for Extended Validation and provide a vetting process that is much stricter than that for OV certificates. Apart from improving trust and confidence via the strictest authentication process, EV certificates triggers a visible Green Bar on modern browsers to distinguish the secured site apart from others. The combination of Symantec’s world trusted strict validation procedures, the Symantec/Norton Seal and the Green Bar provides the highest degree of trust amongst consumers. It is extremely difficult to impersonate or phish an EV enabled site as even if web content can be duplicated, the Green Bar cannot be triggered without a trusted EV certificate. Browsers that support EV Green Bar: Google Chrome, Internet Explorer 7.0+, Firefox 3+, Safari 3.2+, Opera 9.5+ Immediately when accessing a secured EV enabled site with one of the above browsers, the following can be seen:
(EV Green Bar cannot not be triggered by DV or OV certificates) Detailed certificate information: Visitors viewing details of the certificate will find more information about the organization than a DV or OV certificate:
Symantec Certificate policy required for the Green Bar: Certificate Policy: Policy Identifier=2.16.840.1.1137188.8.131.52.6
EV is good. It does work. Have a look at some of the success stories clients have at Symantec EV Success. The discoveries of vulnerabilities and increase in organized cyber-attacks in the recent years have made consumers more and more aware of security and SSL. More and more consumers look for the Green Bar and the Symantec Seal when doing online transactions. Extended Validation goes beyond security. It has become the baseline for any reputable site that care about security, brand and their clients. EV makes a difference. It has proven advantages over sites that do not have EV. Not all organizations are feasible to receive an EV certificate. However sites that switched from standard OV to EV have experienced 5 – 28% increases in web traffic and sales volumes. Commercial web sites cannot settle for anything less than EV status if they wish to stay competitive.
What certificate to choose? Go Green. Green is good.