
Understanding Types of SSL Certificates, Their Validation Process and Points to Consider Before Buying Them

When someone purchases anything over the internet and pays through online banking or other payment options like PayPal, 2checkout, etc., their personal information is transmitted, and if it is not encrypted, it is at particularly high risk. The SSL (Secure Sockets Layer) protocol secures the transmission of information between a website and its visitors. This means that the account information entered by an individual while shopping online should safely arrive on the server of the shop owner without any third party gaining unauthorized access to it.

Also, many of you would’ve noticed a sudden increase in the number of online attacks happening over the web recently. There are numerous types of attacks like phishing, spamming, eavesdropping etc. that can jeopardize your website, causing irreversible damage to your online reputation. SSL Certificates not only provide a security shield against such attacks, but also help create an aura of trust and a sense of security in your customers’ minds that you’re a credible organization validated by a proper certification authority and that it’s safe for them to share their data with you.

However, a blind trust in SSL Certificates can be dangerous. A website that displays an SSL certificate should be reliable and recognized by an authorized certificate authority.

Self-Signed SSL does not provide complete protection
There are many self-signed SSL encrypted websites out there that aren’t safe for secure transmission of your sensitive data. A Self-Signed Certificate is less trustworthy because it is signed by an individual and not by a trusted authority.

  • Such certificates have nothing to do with the identity of the person or organization that actually performed the signing procedure.
  • Self-Signed certificates aren’t trusted by other applications/operating systems. This may lead to authentication errors when a visitor lands on a website.
  • They use low hash and cipher technologies. As a result, the security level of self-signed certificates may not satisfy current security policies.
[Image: a likely occurrence if you use a Self-Signed Certificate]

So, when you buy an SSL certificate for your e-commerce business, always pay attention to two main points:

  • SSL certificate provider – When you decide to purchase an SSL certificate for your e-commerce business, you should check reviews of the certificate provider and examine which company is serious about the security of your data. Also, check some other criteria, like whether the IT processes within the company are ISO 27001 certified or not.
  • Choose the right product – Always remember, expensive ≠ quality. There are various types of SSL certificates available in the competitive market, and not every one of them is right for you. So evaluate your business requirements properly and then decide which certificate can fulfill them best. There are many SSL wizards out there that can help you with this.

Once you’ve bought an SSL Certificate from a reputed organization, take care of two things:

  • When your certificate is about to expire, your SSL provider will send you a notice for its renewal. You should not be careless about such warnings. Visitors tend to move away from websites having expired security certificates. While renewing your certificate, your email address or web address should be the same as the one you had while applying for the SSL certificate. Continually ignoring such warnings can have a negative impact on your business in the long run.
  • Buying an SSL certificate is not enough. You must take proper steps to ensure proper implementation of the SSL protocol on your website. Have a look at the common errors people make while installing SSL Certificates on their website.

Differences in certificate validation:

There are different processes for examining the authenticity of a website owner’s identity; some authorities do verification via telephone, while some examine the documents of an organization. Without checking or examining the identity, a certificate cannot be issued. Different types of SSL certificates have different validation processes:

Different types of SSL Certificate validation
  • Domain validation certificates: For domain validation, the certification body only checks whether the applicant is the owner of the domain. A message is sent to the administrative e-mail address of a domain, and it must be acknowledged to confirm ownership. The risk of deception for these certificates is relatively high.
  • Organization Validation certificates: In these cases, additional corporate data, like name and full address of the organization etc. are thoroughly checked.

Wrapping Things Up
As I had mentioned in one of my previous articles, SSL is a powerful tool for protecting not only your users’ data, but also their confidence in you. It’s the first thing a user will look for when deciding whether or not to trust a site, but it doesn’t cover all the security issues. It’s just one aspect of a greater effort. SSL protects data during one specific period of time, but that time isn’t the only window of opportunity that an attacker has to strike. Proper installation must be done to ensure that when you employ SSL you don’t render it redundant by neglecting to examine your systems for weaknesses in other key areas. It should never be assumed that a system is secure. A system should be proven to be secure by proactively seeking out weaknesses and eliminating them.


What is a Multi Domain EV SSL Certificate?

Maintaining a high level of online trust and security in compliance with industry-wide security regulations can be a daunting task for organizations, as it requires timely updates to the IT security infrastructure, which are sometimes very expensive. Keeping a sense of trust and security intact in the minds of website visitors while keeping expenditure within manageable limits is thus a Herculean task. This is where a Multi Domain EV SSL security certificate comes in.

A Multi Domain EV SSL security certificate is a ‘best of both worlds’ product in that it provides stringent authentication on par with the industry-standard EV SSL (Extended Validation) certificate and can package multiple domains, thereby effectively cutting down the costs for the buyer. For example, a single EV SSL MDC can secure domainA.com, domainB.com, secure.domainA.com, login.domainB.com and anydomainunderthesky.any-tld. The most important thing to note here is that an EV Multi Domain SSL certificate covering all these five domains will cost significantly less than five separate security certificates for the same five domains.

A Multi Domain EV SSL certificate also saves a lot of time: even though each domain has to go through the domain authentication process separately, the identity of the website owner has to be authenticated only once. This makes it the perfect security solution for small and medium scale businesses looking to secure their online transactions.

How do I choose the best Multi Domain EV SSL certificate for me?
Like every other security solution, the selection of the Multi Domain EV SSL certificate best suited to you depends on a number of factors, such as price, the number of domains needed initially and flexibility in adding new ones during the time period covered by the certificate. For example, if you plan to secure only 5 domains now under the Multiple Domain EV SSL, but anticipate healthy growth of your business in future and hope to secure 10 domains in a year or so, then you must go for a provider who is flexible in adding new domains under a single certificate and has sales representatives/support available for live chat 24/7. You must also do proper research on the provider and look for online reviews of their products.

A detailed article to choose the best SSL provider is here, but these are some vital features one must surely check while buying a Multi Domain EV SSL security certificate:

  • Security Level: Complete Business or Organization Validation.
  • Encryption Level: The Toughest 256 Bit SSL Encryption.
  • Server License: Unlimited Server Licenses. (Without Any Extra Charges)
  • Issuance Speed: Within 1 to 10 working days.
  • Compatibility: Compatible with 99.99% of the latest web browsers and mobile devices.
  • Assortment: SAN / Multi-Domain / UCC option available.
  • Additional Plus: Order www.domain.com & additional plus secure.domain.com.

The multiple domain packages offered by SSL security certificate authorities differ considerably. For example, GeoTrust offers five additional multiple domains with its starting package and provides an option to add additional domains in increments of five, up to a total of 25. This is completely different from Comodo, which offers only three additional multiple domains with its starting package but gives an option to add up to 100 total domains, one at a time. Every Multi Domain EV SSL certificate package thus has its own pluses and minuses depending on price, difficulty of installation etc.; the key lies in choosing the one which best suits your needs.


How to Choose the Right and Best SSL Certificate Provider: 10 Simple Tips

With the number of online scams and frauds multiplying day by day, the need for SSL certificates to validate the credibility of a website is on rise. And most of the eBusiness owners are well aware of this fact, taking proper steps to put forth their website as reliable and trustworthy by displaying trusted symbols of web security on their online eCommerce platforms.

However, there is a major problem when it comes to picking the right SSL certificate provider. Most people, when looking for an SSL certificate provider, put their first foot forward with Google, which is perfectly alright, but the problem arises when they search using terms like cheap, cheapest, less price, best price, discount, best deal and…you get the picture. And here is the thing: a quality SSL certificate with the strongest encryption technology to build trust, boost confidence and increase conversions does not come at the cheapest price.

Purchasing an SSL Certificate which is the cheapest among the lot will probably save you a few bucks, but it won’t bring with it a 24/7 technical support and admin management tools to manage all your web security needs in one place. Yes, price is a major factor and one must go for an SSL which best suits his budgetary constraints, but price is only one of the many factors, which are perhaps equally, if not more important in a larger scheme of things.

Here is a quick list of factors you need to consider before choosing an SSL Certificate Provider that best fits your needs:

Make sure that the SSL provider has a valid EV SSL Certificate themselves.
There are plenty of SSL resellers out there who’ll fulfil your security needs at a very cheap price, but a little background research will tell you that most of them are fly-by-night companies who cannot even get an Extended Validation (EV) SSL themselves after being authenticated and approved by a third party certificate authority. Go for a provider with a Green bar. It’s the most basic prerequisite.

Make sure that the SSL provider has dedicated phone support.
When a major portion of your business is online it’s a certainty that at some point you will experience technical issues since web servers are a core part of doing business online. Choose an SSL provider you can call at 3 in the night and have your problems rectified.

Make sure that the SSL provider has a valid mailing address.
Again, when you’re doing business on the web, don’t select a provider who is working from a virtual office or out of their home. Make sure they’ve a valid mailing address.

Make sure that the SSL provider focuses only on SSL.
If a provider is adding SSL offerings to a multitude of products they already offer to munch on a little extra money, then it is not set up appropriately to manage the support needs of its SSL customers, and choosing them is the worst decision you’ll ever make. Go for an SSL provider dedicated and focused solely on SSL certificates.

Make sure that the SSL provider offers multiple SSL brands.
A provider offering a single brand of SSL cannot offer unbiased suggestions for all your SSL security needs and will always recommend that single SSL brand regardless of whether it fits your needs or not. Go for a provider that offers you a wide portfolio of SSL brand options to choose from.

Make sure that the SSL provider offers true 24/7/365 live support.
Run a thorough check and make sure that the SSL provider you plan to go for provides 24/7 support via chat, phone and email accommodating all time zones.

Make sure that there is a reference letter available from the vendor for the SSL provider.
Always ask for reference letters and if possible visible confirmation of relationship between the Reseller and certificate authority. You know Barack Obama, but does he know you?

Make sure that the SSL Provider has an auto SSL Renewal system.
Not all, but many SSL providers lack a proper management program to handle client orders, communication preferences and billing systems, and don’t keep track of the expiry dates of their customers’ certificates. This results in sites losing their certificate when it expires, thereby coming across as unencrypted, untrusted and insecure to website visitors. Pick a provider who promises to remind you before your SSL certificate expires.

Make sure that the SSL provider offers a money back guarantee.
A litmus test to check the credibility of a provider. If a provider doesn’t offer at least a 30 day timeline to submit a cancellation request and get a full refund in case you aren’t satisfied with their services, that’s as big a red flag as it gets.

Make sure that the SSL provider offers SSL tools to confirm SSL installation.
Go for a provider that provides SSL tools to authenticate SSL security features and to confirm whether the SSL has been installed on the web server or not.
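
A check of this kind can also be run independently of the provider. The sketch below is an added example, not code from the original article or from any SSL vendor: it audits a certificate for the hostnames it covers (the multi-domain case described earlier), the days left before renewal, and whether it is self-issued. The function names `fetch_cert`, `name_matches` and `audit`, the `.example` hostnames and the sample certificate are assumptions constructed for illustration.

```python
import socket
import ssl
import time

def fetch_cert(host, port=443, timeout=5):
    """Handshake with full verification and return the parsed leaf certificate.

    A self-signed or otherwise untrusted certificate raises
    ssl.SSLCertVerificationError here, the same failure a visitor's browser reports.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def name_matches(pattern, host):
    """Exact match, or a single left-most wildcard label (*.example.com)."""
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        head, _, rest = host.partition(".")
        return bool(head) and rest == pattern[2:]
    return pattern == host

def audit(cert, required_hosts, now=None, warn_days=30):
    """Report uncovered hostnames, days to expiry, and self-issued status."""
    now = time.time() if now is None else now
    sans = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    missing = [h for h in required_hosts
               if not any(name_matches(s, h) for s in sans)]
    days_left = int((ssl.cert_time_to_seconds(cert["notAfter"]) - now) // 86400)
    return {
        "missing": missing,
        "days_left": days_left,
        "renew_now": days_left <= warn_days,
        "self_issued": cert.get("issuer") == cert.get("subject"),
    }

# Constructed sample in the shape getpeercert() returns (not a real certificate).
SAMPLE = {
    "subject": ((("organizationName", "Example Shop Ltd"),),
                (("commonName", "domaina.example"),)),
    "issuer": ((("organizationName", "Example CA"),),
               (("commonName", "Example EV CA"),)),
    "notAfter": "Jun 30 12:00:00 2025 GMT",
    "subjectAltName": (("DNS", "domaina.example"), ("DNS", "secure.domaina.example"),
                       ("DNS", "domainb.example")),
}
NOW = ssl.cert_time_to_seconds("Jun 10 12:00:00 2025 GMT")  # fixed clock for the demo
REPORT = audit(SAMPLE, ["domaina.example", "login.domainb.example"], now=NOW)
```

Against a live site, pass the result of `fetch_cert("your-host")` to `audit` together with every hostname the certificate is supposed to secure.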

In addition to the points listed above, always check the reputation of your provider online. Search for their reviews not only on their websites, but also on forums that are well outside their control. No one is in a better position to comment on the quality of their services than people who’ve had first-hand experience of working with them.