Secure Sockets Layer (SSL) technology protects your Web site and makes it easy for customers to trust you.
An SSL Certificate enables encryption of sensitive information during online transactions | Each SSL Certificate contains unique, authenticated information about the certificate owners | Every SSL Certificate is issued by a Certificate Authority (CA) that verifies the identity of the certificate owner
An SSL Certificate consists of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it. When a Web browser points to a secured domain, a Secure Sockets Layer handshake authenticates the server (Web site) and the client (Web browser). An encryption method is established with a unique session key. They can begin a secure session that guarantees message privacy and message integrity.
Every SSL Certificate is created for a particular server in a specific domain for a verified business entity. Like a passport or a driver’s license, an SSL Certificate is issued by a trusted authority, the Certificate Authority (CA). When the SSL handshake occurs, the browser requires authentication from the server. A customer sees the organization name when they click certain SSL trust marks or use a browser that supports Extended Validation. If the information does not match or the certificate has expired, the browser displays an error message or warning.
Without SSL encryption, packets of information travel through networks in full view. Imagine sending mail through the postal system in a clear envelope. Anyone with access to it can see the data. If it looks valuable, they might take it or change it. Without third-party verification, how do you know a Web site is really a business you trust? Imagine receiving an envelope with no return address and a form asking for your bank account number. An SSL Certificate helps Web site visitors protect sensitive information and get a better idea of who they are trusting with it.
As the applications for SSL have started to become wider, three types of SSL Certificates are issued by the Certification Authority (CA):
where the CA checks the right of the applicant to use a specific domain name. No company identity information is vetted and no information is displayed other than encryption information within the Secure Site Seal.
where the CA checks the right of the applicant to use a specific domain name PLUS it conducts some vetting of the organization. Additional vetted company information is displayed to customers when clicking on the Secure Site Seal, giving enhanced visibility in who is behind the site and associated enhanced trust.
where the CA checks the right of the applicant to use a specific domain name PLUS it conducts a THOROUGH vetting of the organization. The issuance process of EV SSL Certificates is strictly defined in the EV Guidelines, that specify all the steps required for a CA before issuing a certificate, and includes:
EV SSL Certificates are available for all types of businesses, including government entities and both incorporated and unincorporated businesses. A second set of guidelines, the EV Audit Guidelines, specify the criteria under which a CA needs to be successfully audited before issuing EV SSL Certificates. The audits are repeated yearly to ensure the integrity of the issuance process.