Jersey City, NJ, September 01, 2009 - In order to make the business of exchanging information on the Internet as clear as possible, even among different platforms and languages, software developers have designed a clear standard of communication. That standard is called the Hyper Text Transfer Protocol (HTTP).
The disadvantage of such a clear protocol is that anyone who intercepts an online transaction can easily read it unless it has been altered. The computers exchanging the information can agree upon a method to disguise it. The text can be changed using a process called encryption. When computers exchange encrypted text, the protocol is called HyperText Transfer Protocol Secure (HTTPS).
The two computers agree to transpose the message into an unintelligible "hash" of characters. HTTPS uses a document called a "digital certificate" to create the hash file. Only the owner of the private key associated with the digital certificate can read or understand the encrypted communication.
The two computers agree to transpose the message into an unintelligible "hash" of characters. For example, instead of plain characters, encrypted text looks like this:
Most popular Internet browsers acknowledge SSL communications by displaying a small yellow padlock appears in their bottom right-hand corners.
Recently hackers have discovered that they could buy SSL certificates online, without their trustworthiness being checked. The only verification is a series of email challenges that determine whether the applicant has some access to the domain name listed in the purchased certificate. If a hacker passes the email test (even if he or she is not the legitimate owner of the domain), he or she receives a "domain-validated" SSL certificate, enabling the browser to display the golden padlock.
Many Internet users believe that the padlock signals that their online communications are safe. Although the hacker is using encryption, these low level certificates do not give any guarantee that a user is communicating with the right company. Their information may be securely transferred straight into the hands of a thief.
Checking a website's certificate is a good practice that helps netizens avoid spoof websites, sometimes called "phishing" sites. To check the certificate, click on the padlock. The browser will display the name of the owner of the certificate. This name should match the name of the website operator.
Companies requiring digital certificates have a better alternative for online communications: Extended Validation (EV) SSL certificates. To receive EV SSL certificates, online businesses must be verified as to their business identity and their existence. A business must be verified by a certificate authority, both that it is an existing business and that it has exclusive control over the domain.
When Internet users access a website using an EV SSL Certificate, they receive a special confirmation. All popular browsers turn their address bars bright green as an indicator that the business has passed the more complex validation process, adding a visual reassurance that this online transaction is with a confirmed entity.
Seeing a site with an EV SSL Certificate confirms two essential factors:
That the user has a secure SSL (encrypted) link with this website
Comodo is a leading brand in Internet security, covering an extensive range of security software and services, including digital certificates, PCI scanning, desktop security, online faxing, and computer technical support services.
Businesses and consumers worldwide recognize Comodo as standing for security and trust. Comodo products secure and authentic online transactions for over 200,000 business and have more than 18,000,000 installations of Comodo desktop security software, including an award-winning firewall and antivirus software offered at no charge.
The Comodo family of companies is committed to continual innovation, core competencies in PKI, authentication, and malware detection and prevention. As a catalyst in eliminating online crime, the companies' mission is to establish a Trusted Internet.
With US headquarters overlooking Manhattan on New Jersey's waterfront, and global resources in United Kingdom, China, India, Ukraine, and Romania, Comodo products offer intelligent security, authentication, and assurance.
Comodo -- Creating Trust Online®. For more information, visit Comodo's website.
About Katharine Hadow Katharine Hadow is Public Relations Manager at the Comodo companies, which provide the infrastructure that is essential in enabling e-merchants, other Internet-connected companies, software companies, and individual consumers to interact and conduct business via the Internet safely and securely. The Comodo companies offer PKI SSL, Code Signing, Content Verification and E-Mail Certificates; award winning PC security software; vulnerability scanning services for PCI Compliance; secure e-mail and fax services.
Continual innovation, a core competence in PKI, and a commitment to reversing the growth of Internet-crime distinguish the Comodo companies as vital players in the Internet's ongoing development. Comodo secures and authenticates online transactions and communications for over 200,000 business customers and has over 10,000,000 installations of desktop security products.
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
.gif)
