TulipTools Internet Business Owners and Online Sellers Community

Quote: Phishing and other forms of online fraud continue to be a growing problem, impacting online businesses and creating distrust among customers. According to a recent survey by Forrester Research, 84% of respondents—representing more than 119 million adults—believe businesses are not doing enough to protect them and 24% did not make purchases online at all due to security concerns. Security vendors and online retailers have been working tirelessly to bring trust to the Internet, and, as a direct response to the rise in Internet fraud as well as an effort to regain consumer trust and confidence, a new form of SSL certificate, referred to as a “high-assurance” SSL certificate, is due for release later this year.

The new certificates will demonstrate that a given site’s identity has been authenticated according to a specific process that the high-assurance standards committee has determined to be reliable based on the measured results of this process, so that consumers can be confident that the site they are connecting to is authentic and safe for shopping. Leading browsers will display these certificates differently than they do traditional SSL certificates, giving the online shopper increased information about the security decisions of the sites they connect to...

full article: http://www.internetretailer.com/article.asp?id=19752

Quote:Verisign is at the RSA Europe Conference in Nice talking up a new breed of online security certificate. The padlock encryption symbol used by browsers has been effectively meaningless for some time, and consumer paranoia surrounding fraud remains a barrier to using online commerce for many.

In response, the verification industry in the form of the CA browser forum has come up with extended validation SSL, where the certificate really is a guarantee of kosher status. Honest...

Firms will have to stump up about 150 per cent of what they currently do for an SSL certificate...

full article: http://www.theregister.co.uk/2006/10/25/...alidation/

Quote:Joy Viren Murphy will be getting a lump of coal in her stocking this year.

The entrepreneur has been selling handmade Christmas stockings for 12 years, the last eight of them online. Working from the attic of her three-story Rock Island, Ill., Victorian house, Ms. Murphy makes a couple of thousand stockings a year. During the busy months, October through December, her sister and niece come over to help her cut, tack and stitch.

But her business, Aunt Joy's Personalized Christmas Stockings, is facing a new, high-tech hurdle, thanks to Microsoft Corp's. new Internet Explorer 7 Web browser. IE7 has a security feature that will turn Web-address bars green and display owners' identities when consumers visit secure sites from businesses verified as legitimate. The color change will be a boon for consumers, who have been barraged in recent years with "phishing" scams designed to lure them to fake versions of popular Web sites, like eBay or their bank, to filch their account numbers. The hope is that the program will help reduce fraud, lift trust and boost e-commerce.

But browsers won't turn green when customers visit Ms. Murphy's site. That's because sole proprietorships, general partnerships and individuals won't be eligible for the new, stricter security certificates that Microsoft requires to display the color...

full article: http://online.wsj.com/public/article/SB1...d=rss_free

A related article:

Quote:The CA/Browser Forum wants to bring increased safety to web banking and e-commerce by developing a new digital certificate that can better verify a site's legitimacy. The technology is already included in Internet Explorer 7 and Opera 8 and certainly looks like a step in the right direction—for the companies that are able to get a certificate.

The Forum has developed guidelines for Extended Validation SSL certificates that are far more robust than traditional SSL certificates. They will suddenly become much more important to consumers in January, when Microsoft begins using them with IE7 to verify that sites are safe to use. A green address bar will alert consumers to the fact that the site is approved with an EV certificate, and the CA/Browser Forum has made sure that these are not simple to obtain. That's good news for sites that can get one, but not so good for small businesses, which generally cannot...

full article: http://arstechnica.com/news.ars/post/20061226-8496.html

Unless it is made clear to consumers that this "green bar" is only available to large online businesses, this totally SUCKS for small businesses!!

Even if it is spelled out for the consumer, it could take an inordinate amount of time to sink in that not having a green bar does not mean the business is not safe, damn it!! 

*going to my room and having a hissy fit*

Quote:A long-promised technology for helping consumers verify the legitimacy of commercial Web sites made its debut on the Internet Friday: Visit online security company Entrust's login page with Microsoft's Internet Explorer 7 Web browser and you'll notice that the address bar has turned from white to green.

Entrust's site appears to be the first to feature what are being called "extended validation certificates,"...

These new and improved EV certs are quite a bit more expensive than SSL certs: Entrust plans to sell its EV certs at $499 apiece per year (and that's its "intro price"), whereas its regular SSL certs sell for about $150 (and you can find SSL certs for much cheaper elsewhere). Verisign, the world's largest and probably most recognizable SSL provider, has set its price for EV certs starting at a hefty $1,300 per year...

full article: http://blog.washingtonpost.com/securityf...mak_1.html

Update:

Quote: Until this month, unincorporated small businesses, sole proprietors and many other business entities were ineligible to qualify for Extended Validation (EV) SSL certificates, which provide the most advanced levels of online shopping security available. But after strong encouragement and negotiation efforts by small business defender and Web solutions provider Network Solutions®, the members of the Certification Authority/Browser Forum have expanded and approved the guidelines to make an additional 18+ million US-based businesses eligible to receive an EV SSL certificate.

Small, unincorporated, business owners with online storefronts have cause for celebration this summer, as the Extended Validation (EV) SSL certificate guidelines that had once placed them at a huge disadvantage against the “big box” e-tailers, have been modified to level the playing field. The Certification Authority/Browser Forum, whose members include certification authorities like Network Solutions® and leading browser vendors, decided that EV SSL certificates can be made available to more than 18 million US-based small businesses that were previously ineligible to qualify for this level of online shopping security...

full press release: http://www.internetretailer.com/pressRel...p?id=22740

$399.50 per year? :blinkie:
http://www.networksolutions.com/SSL-certificates/ev.jsp

[quote author=jezebel link=topic=5122.msg57071#msg57071 date=1181858239]
$399.50 per year? :blinkie:
http://www.networksolutions.com/SSL-certificates/ev.jsp
[/quote]

e-d-i-t

The SSLs are 2 years.  Introductory 2 year price $799.  Regular price $999 for 2 years.

Verisign is charging $1,499 for 1 yr and $2,695 for 2 yr. EV SSL certs.  GoDaddy is $499 1 yr and $800 for 2 yr.  GeoTrust $899 1 yr and $1,573 2 yr.  Comodo $849 1 yr and $1,375 2 yr.