Network Solutions

SSL Certificates FAQ

Internet Security Learning Center

Helping to keep your web site secure

Learn how to secure your Small Business Web site from threats and how to create trust and increase confidence in your e-commerce offerings by using SSL Certificates, Site Seals, privacy policies, and copyrights and trademarks.

Home  |  Internet Security Glossary  |  Site Map

Search:

Home > Web Security > SSL Certificates FAQ

SSL Certificates FAQ

 

Q: What are SSL Certificates?

A: Secure Sockets Layer (SSL) Certificates accomplish two tasks:

  • They assure your customers that you are who you say you are and that your business is what you say it is
  • They encrypt data transferred between your customer's Web browser and your on-line business to help prevent theft of sensitive information such as credit-card numbers, account numbers, and passwords.

When a properly issued SSL Certificate is present on a Web site, the site visitor's Web browser shows a closed padlock and an "https" in front of the Web address.

Q: What are Organizationally Validated Certificates?

A: All certificate issuers must verify that an applicant, usually an online merchant or business, is the registrant for the domain name associated with the certificate. Issuers of Organizationally Validated (OV) Certificates, sometimes called high assurance certificates, take additional steps to make sure that the applicant is operating a real business. To validate the legitimacy of the applicant's business, OV Certificate issuers such as Network Solutions follow such procedures as:

  • Verifying the legal, physical, and operational existence of the organization by checking various types of business credentials, such as business licenses or articles of incorporation.
  • Making sure that the person applying for the certificate is authorized to do so on the organization's behalf.

Q: How do issuers of Organizationally Validated SSL Certificates verify a business's legitimacy?

A: When a business applies for an SSL Certificate, the issuer requires it to supply a variety of information about the business. The issuer then confirms that information with reputable third-party sources such as:

  • WHOIS database information
  • Directories to prove physical address and telephone number
  • Dun & Bradstreet database
  • State Corporation Commissions

Q: Why do issuers of Organizationally Validated SSL Certificates go to such lengths to validate an applicant's legitimacy?

A: There are two primary reasons that issuers of Organizationally Validated (OV) SSL Certificates check applicants' business credentials:

  • Validating a business's legal, physical, and operational existence ensures that the business is legitimate
  • Rigorous verification procedures make it vastly more difficult for illegitimate parties such as phishers, spoofers, and other online criminals to obtain an OV Certificate and attempt to steal consumers' sensitive personal and financial data.

Q: How do Organizationally Validated SSL Certificates differ from Domain Validated Certificates?

A: Issuers of Domain Validated Certificates, sometimes called "low assurance" certificates, check only to make sure that the certificate applicant is the registrant of the domain name to which the certificate will be tied. They perform no additional checks to verify the legitimacy of the applicants business. While this level of validation may be appropriate for some Web sites, such as company intranets, consumers may not consider it sufficient for a company with which they're conducting transactions or sharing sensitive information. As noted above, the validation process for Organizationally Validated (or high-assurance) Certificates is more extensive and rigorous.

Q: What are Extended Validation (EV) Certificates?

A: Extended Validation (EV) Certificates, introduced in early 2007, require certificate issuers to perform additional verification of application information during the application process. EV Certificates also take advantage of advanced security features in next-generation browsers, such as the green browser bar added to Microsoft's® Internet Explorer 7™. Developed by a broad range of certificate authorities and browser companies including Microsoft and Network Solutions®, EV Certificates are available initially only to corporations and government agencies but are quickly expected to become the standard for online businesses of all types and sizes.

The Bottom Line: Network Solutions is a leading provider of SSL Certificates. To learn more about Network Solutions SSL Certificate services or to purchase your SSL Certificate today, please visit our SSL Certificates Product Page.