FORMIDABLE CA EXTENDED VALIDATION SSL CERTIFICATE
1. What is SSL?
SSL is an acronym for Secure Sockets Layer, a global standard security technology developed by Netscape in 1994.
Secure Sockets Layer, SSL, is the standard security technology for creating an encrypted link between a remote system and a client (for example a web server and browser). This link ensures that all data passed between the web server and browser remains private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.
2. What is an SSL certificate?
SSL Certificates are small data file that digitally bind a cryptographic key to an organization’s details. When installed on a server it allows secure connections from that server to a remote client – for example, between a web server and a web browser.
SSL Certificates can be used in many scenarios where and data transfer needs to be authenticated and/or encrypted. Examples of this are:
- Secure web browsing
- Online transactions
- Sending and receiving of email
- Secure storage and transfer of data
- Proving the authenticity and integrity of applications, or other code
3. Why do I need an SSL Certificate?
In today's environment, online customers are more wary than ever of Internet fraud, identity theft and "phishing" schemes. Installing the proper security and validation for your site is essential to gaining your customers' trust, and for letting potential customers know your site is a secure place where they can exchange confidential information, purchase products and services and complete secure transactions.
4. What is an EV SSL?
An ‘Extended Validation’ SSL Certificate offers additional assurance that the site you’re on is trustworthy. The address bar turns green on compatible browsers, visually and instantly verifying the authenticity and identity of the business. Research proves that this competitive advantage translates into reduced visitor abandonment, improved conversions, higher revenue per transaction and higher lifetime customer value.
The green address bar builds trust and makes a difference between purchasing and abandonment during checkout. People are expecting their browsers to tell them if it's safe to do business with you, and an EV SSL certificate tells them loud and clear.
Extended Validation will only be given to online businesses that can be verified through secure authentication processes that meet the extended validation guidelines established by the CA/Browser Forum.
5. Why Formidable CA EV SSL Certificates?
Formidable CA EV SSL certificates are highly trusted SSL certificates providing the industry standard encryption at an entry-level cost. It is the only EV SSL certificate to come with the Formidable CA Corner of Trust.
The CA/Browser Forum is the industry group that created the guidelines for EV SSL Certificates and those guidelines currently restrict EV Certificates to corporations, business entities (such as sole proprietors, general partnerships, unincorporated associations, etc.), and government entities. For those eligible, the application process for an EV Certificate is more thorough than existing procedures, requiring applicants to provide more detailed information about their businesses for final verification. The extended validation process is intended to enhance the authority of, and consumer confidence in, the Certificates and to make it nearly impossible for fraudulent or criminal applicants to receive an EV Certificate.
6. Who can issue SSL Certificates?
SSL Certificates can be issued by anybody using freely available software such as Open SSL or Microsoft's Certificate Services manager. Such SSL Certificates are known as "self-signed" Certificates. However, self-signed SSL Certificates are not inherently trusted by customer's browsers and whilst they can still be used for encryption they will cause browsers to display "warning messages" - informing the user that the Certificate has not been issued by an entity the user has chosen to trust.
Such warnings are undesirable for commercial sites - they will drive away customers. In order to avoid such warnings the SSL Certificate must be issued by a "trusted certifying authority" (such as Formidable CA), trusted third party Certification Authorities that utilize their trusted position to make available "trusted" SSL Certificates.
7. How long does it take before I receive an EV SSL Certificate?
Extended Validation has more stringent requirements than our other certificates. At this time, the validation process is expected to take about 2 to 3 business days once the Certification Authority has received all required documentation.
8. What type of information will a Certification Authority need in order to issue an EV Certificate?
When you apply for an EV Certificate you will be asked to provide certain types of information about your business or your client's business. This information may include:
- Dun & Bradstreet registration numbers
- Proof of physical address via database listings
- Opinion letter from legal counsel or certified accountant
- Other corporate, financial, and government documents such as Articles of Incorporation, bank accounts, and business licences
- Government-issued photo IDs
The Certification Authority will review and verify the accuracy of these documents. It may also perform additional checks before issuing the EV SSL Certificate. If the applicant's credentials can't be verified in accordance with the CA/Browser Forum guidelines, then the Certification Authority will not issue the Certificate.
9. What is a Certification Authority?
Browsers and Operating Systems come with a pre-installed list of trusted Certification Authorities, known as the Trusted Root CA store. As Microsoft and Netscape provide the major operating systems and browsers, they have elected whether to include the Certification Authority into the Trusted Root CA store, thereby giving trusted status.
SSL certificates issued by trusted Certification Authorities do not display a warning and establish a secure link between website and browser transparently. In such circumstances, the padlock signifies the user has an encrypted link with a company who has been issued a trusted SSL Certificate from a trusted Certificate Authority.
Microsoft and Netscape have therefore determined the role of the Certification Authority - to use their trusted status to "pass trust" to websites whom ordinarily would not be trusted by a customer. As a result of their "trusted" status, Certification Authorities have a responsibility to ensure they only ever issue SSL Certificates to legitimate companies. This may only be achieved by employing stringent validation processes to ensure issuance practices only allow the SSL Certificate to be issued to a legitimate company. After all, anyone relying on the presence of an SSL Certificate will do so not just for the encryption factor, but also to indicate the legitimacy of the site.
10. Do all SSL Certificates provide the same security and trust?
No.
The value of SSL is protected by one or two standard validation processes:
- Verify that the applicant owns, or has legal right to use, the domain name featured in the application.
- Verify that the applicant is a legitimate and legally accountable entity.
Our Essential SSL certificates use check 1 above and are suitable for internal business systems used by your employees. They can be used on websites; however the Premium and EV Certificates (which use check 2 above) are more suitable due to the additional business checks performed as part of the order process.
The EV certificate takes these checks even further to ensure the website you are connected to is genuine and trustworthy, and is the only certificate to give the green browser bar as visual verification that your transactions are safe.
This means that while all Certificates will secure your site, the Premium and EV products give your customers extra reassurance that the site they are trusting is genuine. In addition, the use of the Formidable CA Site Seal increases that reassurance further more.
11. Why do different SSL Certificates contain different information?
Our most basic Essential SSL Certificate only verifies domain names whereas our Premium and EV SSL Certificates are issued with either full business authentication or Extended Validation (EV) authentication, both of which require more information to validate the requesting business.
12. What is the Formidable CA Corner of Trust?
The Formidable CA Corner of Trust is a dynamic, animated graphic that displays in the bottom right hand corner on web pages secured by our SSL Certificates. When a visitor’s mouse hovers over your Corner of Trust, a small window appears to display information about your business. This helps establish credibility by letting them see that your business has been validated by a trusted third party. Additionally, it displays these vital identity details without distracting pop-ups or redirects, keeping your visitor on your site.
13. How will customers know that my site is secure?
When you have an SSL Certificate installed on your server, your site will display:
- A padlock symbol that appears in their web browser when your site is opened.
- The "https" prefix in front of your URL address in the browser.
When you install an Extended Validation certificate, the address bar on newer versions of web browsers will appear green whenever your site is opened, indicating that your site has the highest level of validation available.
In addition, the Formidable CA Corner of Trust is clearly visible on all Formidable CA protected sites and gives additional reassurance.
14. How do consumers check authentication information held within a certificate?
When browsing a secure suite, the remote server sends the certificate information to the browser. This information can be viewed by either clicking the closed padlock, checking the green address bar (if secured by an EV Certificate) or by hovering over the Formidable CA Corner of Trust.
15. Do Formidable CA SSL Certificates work with all browsers?
Our certificates are recognised by 99.3% of browsers in use today, and cover all popular desktop and mobile browsers.
16. How does Extended Validation differ from existing validation procedures?
The CA/Browser Forum is the industry group that created the guidelines for EV SSL Certificates and those guidelines currently restrict EV Certificates to corporations, business entities (such as sole proprietors, general partnerships, unincorporated associations, etc.), and government entities. For those eligible, the application process for an EV Certificate is more thorough than existing procedures, requiring applicants to provide more detailed information about their businesses for final verification. The extended validation process is intended to enhance the authority of, and consumer confidence in, the Certificates and to make it nearly impossible for fraudulent or criminal applicants to receive an EV Certificate.
17. What is a Certificate Signing Request or CSR?
The CSR is a string of text generated by your server software and is needed as part of the certificate order process. You provide this string of text during the enrolment process to enable us to issue an SSL Certificate unique to your web server.
18. Can I secure multiple servers with a single certificate?
Yes, however it is not recommended due to additional security exposure and risk, except when certificates are to be shared for redundant server backups, server load balancing, and SSL accelerators.
19. How do I receive my SSL Certificate?
When you purchase your SSL Certificate, it is issued electronically (no paperwork needed) and within minutes after confirming an email. Once all validation is complete, the SSL Certificate is issued electronically and is ready for installation.
20. What is a Warranty?
Formidable CA SSL Certificates come with warranties so that your site's visitors can have confidence when conducting a transaction with you. The amount represent the maximum amount site visitors may receive in compensation for a loss. All warranties are subject to the terms of our relying party warranty.
|
|
|
Legal Repository
Sitemap
Contact Us