Needham, Massachusetts – (The Hosting News) – February 21, 2006 –
A leading issuer of digital
certificates for web security, GeoTrust, Inc., has announced support for new High Assurance
According to GeoTrust, the new High Assurance SSL certificate standard, which is
being defined by leading browser companies including Microsoft, Mozilla and
Opera, in partnership with Certificate Authorities including GeoTrust and
VeriSign, as well as the American Bar Association Information Security
Committee, will entail a higher level of business verification than any
Certificate Authority’s current security methods.
Additionally, High Assurance
SSL certificate identity information will be clearly displayed in the new-
generation browsers, so that consumers will easily be able to discern that
they are indeed at the site they think they are, and not a fraudulent version
of a popular website.
Phishing occurs when consumers are lured to fraudulent sites by following
links in emails they think are from legitimate companies. Gartner, a leading
market research firm, estimates that over 73 million U.S. adults believe they
have received phishing emails, and that 2.4 million online consumers reported
losing money directly because of phishing attacks. In its February 2006
report, the Anti-Phishing Working Group estimated there were 7,197 unique
phishing sites reported in December 2005, a huge increase from the 4,630
reported in the prior month. Not surprisingly, close to 90 percent of attacks
are launched at financial institutions, where phishers attempt to solicit
account numbers and password log-ins to gain access to consumers’ accounts.
Neal Creighton, CEO of GeoTrust commented on the news, ”We took a leading role in this initiative, which has brought together the industry’s major browser developers and Certificate Authorities, as well as companies such as RSA Security and Identrus, because we know that it’s critically important to find new ways to enhance online trust. By creating a new and higher standard for verifying organizations, the High Assurance SSL certificate standard will help to restore the type of business innovation that the Internet promises.”
The new specification for verifying identities for the new High Assurance SSL certificate is expected to be finalized in the coming months. The vetting process will be much more comprehensive than any Certification Authority’s current vetting standards, which primarily rely on email and faxed information, database lookups and phone calls before issuing an SSL certificate.
A Microsoft Internet Explorer developer’s weblog has published extensively on the new security features in IE 7, the work of the browser and Certificate Authority initiatives, and includes examples of how the new High Assurance SSL certificate information would display within the new Internet Explorer browser. This information can be found at: http://blogs.msdn.com/ie/archive/2005/11/21/495507.aspx.
Chris Bailey, GeoTrust’s Chief Technical Officer added, “For over a year, a dozen companies have been meeting to find new ways to address the issue of phishing and restore consumer confidence in online transactions. The result is that we will have one standard, with a thoroughly defined vetting process, for the issuance of High Assurance SSL certificates. While not every site will require them, it is our view that financial institutions and large e-tailers will want to convey this added assurance to their customers.”
To learn more, please visit: www.geotrust.com.