On this page you will find the answers to the following questions:
►What is an Extended Validation certificate?
An Extended Validation certificate is a certificate which has been validated according to the stringent standards defined by the organisation CA/Browser Forum. Because of the strict authentication guidelines, the CA issuing the certificate can guarantee that the concerned company exists, and that the company has the right to use the domain – in other words that the website is not an illegitimate website.
To show the users that it is safe to shop and enter sensitive information on a website, the Extended Validation certificate turns the address bar green. The consumers do thereby see in a clear, simple and fast way that it is safe to exchange private information with the website. Next to the address bar, a field appears displaying the name of the company to which the certificate got issued as well as the name of the CA that has issued the certificate.
One of the most important functions of an SSL certificate is to show the users of your SSL secured application that the company behind it is registered with the correct authorities, and that the company has the right to use the domain on which the certificate is installed, i.e. that the certificate has been authenticated and validated. Since the development of the SSL technology back in the mid nineties, there has not been a common, universal authentication standard. This means that some CAs issue certificates validated automatically by a computer, whereas other CAs issue certificates validated manually by several persons performing verification calls etc. In some instances it happened that certificates got issued to a website not owned by a registered company, but someone with fraudulant intentions.
In autumn 2006 leading CAs and browser vendors agreed to a common, universal standard, the standard Extended Validation.
There is no doubt that it is essential to online businesses that the users have confidence in the website and the company. In real life we can walk into a shop, touch the goods, observe the surroundings and speak with the salesmen. In other words we can use our senses to get an idea of the trustworthyness of the shop. On the internet, on the contrary, it can be very difficult to evaluate the seriousness of an e-shop. Therefore there is a certain level of insecurity among the users of the internet.
Research shows that 60% of all European online shoppers have abandoned an online transaction due to security concerns (TNS Research 08/06). Furthermore, 84% of the participants in a Forrester Research from 2005 have said that they do not believe that the online shops do enough to protect their customers (Lauri Giesen IN Internet Retailer, March 2006: "Hand-holding: Fraud-weary consumers look for the seal of approval"). And actually more than 24% of the people asked said that they do not shop online at all due to security concerns (ibid).
These results underline that it is extremely important that the visitors trust the website, as visitors with confidence in the website tend to take more action (buy, sign up etc) than visitors without doubts.
When visitors see the catchy green bar, they know that it is safe to shop. Consumers thus feel more secure and have more confidence in the website, and the chances that they buy something, sign up for a newsletter etc. are bigger.
It is also worth noticing what your competitors have undertaken to increase consumer confidence. If your closest competitor has installed an EV certificate, it is a good idea that you do it – otherwise you might risk that potential customers turn to your competitor’s website. If your competitors have not installed an EV certificate yet, why not be the first company to put up new standards for security in your business?
Actually, tests show that an EV cert with the green address bar can turn more visitors into customers, can decrease the abandon rate, can increase the average purchase price and can increase customer satisfaction.
EV certificates can only get issued by approved CAs that live up to the standards defined by the CA/Browser Forum. To be able to issue EV certificates, the CA has to undergo an annual audit by an external company as e.g. KPMG. Comodo lives up to these strict standards, and Secorio is therefore able to offer EV SSL.
As mentioned before, the validation methodology for EV certificates is very strict. During the process we control the legal status of the company, the physical address and the main number, the domain ownership etc.
Consumers can be assured that a website with a green address bar is 100% legitimate, since it is technically impossible for phishers to imitate the green bar and the field with information about the domain owner and the issuing CA.
Yes, an EV certificate can encrypt information in all browsers. However, only in the new high security browsers, the green address bar and the field with information about the company and the CA will appear. This means that your users will see the green address bar in Internet Explorer 7 and before long also in FireFox version 3 and the new version of Opera. It is important to underline that an EV certificate always fulfil its basic function; to encrypt the information on the server.
If the user shall be able to see the green address bar in Internet Explorer 7, two conditions have to be fulfilled. First of all, the anti phishing filter has to be activated, and second of all the operating system has to be Windows Vista. However, if the operating system is Windows XP, the user will still be able to see the green address bar, if he has visited a website with Comodo’s EV Enhancer.
The EV Enhancer is a script included in the price of your EV certificate from Secorio. You can install the script on a website from which it automatically updates the root store of the visitors enabling them to see the green bar – without them noticing anything. Comodo consequently exploits an existing function in Windows XP to update the root store of the visitors enabling them to see the green address bar in the future on sites with an Extended Validation certificate from Comodo.
The encryption strength of the EV SGC Certificate corresponds to the Premium SGC Certificate what means that all users will obtain a minimum encryption of 128 bit, no matter which browser and operating system they use. Read more about encryption strength and SGC here.
First of all, you can see the green address bar (with IE 7,0) on our homepage. You can also see the green address bar on e.g. the following sites:
EV certificates cannot be tested. But you have the possibility to test our Standard SSL certificates. Please contact us, should you wish to test a fully validated and functional SSL certificate for free for 30 days. And please keep in mind our 30 day unconditional refund policy for purchased certificates.
Do you wish to order an EV certificate, please contact us per phone or mail, and we will guide you through the process explaining you which documents to fill in to be authenticated and validated.
In addition to that you can also order a certificate on our website yourself by clicking on the desired certificate in this overview.
In our order guide you will find an overview of the steps that you will need to go through in order to obtain an SSL certificate.
You are welcome to contact us per phone, mail or chat, should you have any questions.