News Stay informed about the latest enterprise technology news and product updates.

VeriSign touts benefits of Extended Validation SSL Certificates

VeriSign and other certificate authorities (CAs) have been at the forefront of Extended Validation SSL Certificates (formerly known as high-assurance certificates), which standardize the vetting process used by CAs against certificate buyers, and provide a safer browsing experience for end users. Chris Babel, VP and GM for SSL at VeriSign said the new certificates will help users identify safe e-commerce sites and avoid phishing lures.

What are the benefits of the Extended Validation SSL Certificates?

The beauty of the extended validation certificate is that it sets a unified standard. If a certificate issued by any of the certificate authorities meets that standard, what it will do is turn the browser green. Internet Explorer (IE7) is the first browser to accept that standard {Microsoft was expected to turn the functionality on at the end of January.] It's a big in-your-face way for consumers to see that they are somewhere that they can trust. It will help awareness around what an SSL certification does and we think that over time consumers will look for it. Will Extended Validation Certificates stop phishing?

I think phishing is a multipronged problem; there are many different layers. What we're really trying to do is help users recognize as much as possible when they're somewhere where they aren't supposed to be, and that green bar will be helpful in stopping consumers from doing the wrong thing. What is your long-term outlook for the authentication market?

There's a good market for hardware tokens with a set of enterprise customers. There's been a business there that's been around for a number of years, with a number of entrenched competitors and that business grows at a 10 percent year over year with replenishment and new users.

I think the area we see a lot of potential in is in online communities authenticating their users. So, for example, EBay could be trying to authenticate it high net-wealth individuals, or financial institutions are identifying their net-wealth individuals who are doing big-dollar amount transactions. We've seen a lot of traction there. I think this market is going to expand from being just enterprise focused to being more consumer based, but as it does, its footprint is going to expand, meaning that it's not going to just be token based. You're going to have one-time password creation in an application that's on your mobile phone, and for less valuable transactions, you'll have name and password login with a fraud detection engine running in the background.

<< Return to our special coverage of RSA Conference 2007

Dig Deeper on Two-factor and multifactor authentication strategies

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.