Hotline for Urgent orders
+44 (0)1908 200 987
Quick Guide to SSL Certificates
Secure Sockets Layer Certificates or SSL’s are 2-component encryption software products, which secure the connection between the website user and the website operator and their web server. This secure connection protects any data being passed/uploaded by the user to the server. Their presence is normally depicted by the Padlock image displayed in browser or more recently in the address bar with the advent of Extended Validation SSL and use of the Green Bar.
The market for SSL certificates has matured rapidly over the last 15 years to the extent that Internet Retailers are required to use SSL certificates to encrypt all Payment Card transactions and any personal data captured by their servers via their websites. Payment Card Industry compliance has driven this standardization.
There are a number of Certificate Authorities and other vendors selling SSL certificates online and through approved resellers.
The Top 10 CAs are thought to be:
They all sell broadly similar classes of certificates, but rather confusingly they have all adopted different terminology for the same certificates and associated feature-sets. There are basically 3 standard types for Internet Retailers / Website Operators and other more specific, Enterprise Class certificates like Unified Communications SSL, which protects remote access to email servers.
Extended Validation SSL – a High Assurance Certificate, which enables the Green Bar in your browser. This tells your customers that you have been have been vetted thoroughly and that their card payments are protected by the highest level of trust. EV SSL affords the highest level of trust and these certificates cannot be obtained by rogue traders or cyber criminals.
Organisation Validated SSL – a Medium Assurance Certificate. OV certificates offer full business validation and payment protection, but not the all important Green Bar, which confirms thorough validation and offers better website promotion.
Domain Validated SSL – an Instantly issued, Low Assurance certificate providing basic protection. Not often used now by Internet Retailers to protect every aspect of their customers’ interaction. Recommended only for websites which do not take card payments. Any website owner can obtain a DV SSL Certificate. This offers unscrupulous traders the opportunity to install an SSL certificate and appear to be protecting website users.
Warning – not all SSL certificates are bullet proof. Some Low Assurance certificates are “hackable.” Always ensure that any SSL certificate you purchase offers at least 256-bit protection and also that it does not contain the MD-5 hash, which offers hackers the ability to tamper with payment card data.
Web Assurance Products
As Europe’s leading Web Assurance Company, CBT Solutions is continuously scanning the global market for products which provide our customers with Maximum Protection at Minimum Cost. The selection criteria for these products includes: Feature–set, Managability / Usability, Assurance / Security levels and of course Price. You will have noticed that market is awash with Trustmarks of all kinds. There are basically 2 types:
- Trade bodies or Member Organizations who subscribe to a Code of Practice, which is usually limited in scope and difficult to measure and enforce
- A Web Seal or TrustMark, which represents a website “vulnerability” scanning tool. These are only as good as the scanning service, which underpins their Terms & Conditions and does not necessarily mean that your card payments or your personal data is protected.
Most 3rd Party experts believe that there are 4 areas of Web Assurance, which offer online consumers optimum protection:
- Extended Validation SSL
- PCI Compliance
- Vulnerability Scanning and Transaction Monitoring
- Membership of a Trade Body or Industry Initiative and subscription to an enforceable Code of Practice, which is includes regularly monitored, website activity.
We have established the Best of Breed in each case:
- VeriSign Secure Site Pro + EVEnables the Green Bar and validates the website operator’s credentials.
- VeriSign TrustsealThe VeriSign Trust™ Seal shows the world that VeriSign has confirmed your identity and your site has passed the VeriSign malware scan. The biggest companies in the world secure their Web sites with VeriSign and inspire confidence by showing the VeriSign seal. Now any Web site can build trust, credibility and loyalty online with the VeriSign seal.
- McAfee PCIScans and monitors the website operator’s website to ensure Payment Card Industry compliance.
- SafeBuyAn enforceable, Membership based Code of Practice and website Accreditation System for Internet Retailers based upon Office of Fair Trading consumer protection standards.
Just to make life easier we have created 3 Web Assurance Product Packs available through our Wizard with 1 or 2-year options. These packs combine SSL, Scanning and TrustMark products to provide a COMPLETE security wrapper for your website, keeping your customers safe at all times. Most importantly, they are proven to increase customer conversion and mitigate transaction fall-through.
- Global RetailerVeriSign Secure Site Pro + EV +VeriSign Trustseal (Free) + McAfee PCI Scan + SafeBuy Accreditation. Buy at £1,251 for a 1-Year Pack – 15% (intro discount) = £1,063, or £2,199 for a 2-Year Pack – 15% (intro discount) = £1,869
- Internet RetailerVeriSign Secure Site + EV +VeriSign Trustseal (Free) + McAfee PCI Scan + SafeBuy Accreditation. Buy at £951 for a 1-Year Pack – 15% (intro discount) = £808, or £1,653 for a 2-Year Pack – 15% (intro discount) = £1,405
- Starter PackVeriSign SecureSite SSL + McAfee PCI Scan + SafeBuy Accreditation. Buy at £581 for a 1-Year Pack – 15% (intro discount) = £494, or £1,105 for a 2-Year Pack – 15% (intro discount) = £939
Easily the best value website protection available today.
CBT Solutions can provide bigger discounts for resellers or customers who wish to buy Web Assurance products in larger volumes. Please contact us [email protected]
CBT Solutions also operates a Reseller programme for Hosters, Web Developers, IT Support companies, Systems Integrators, ISP’s, MSP’s etc… and we offer a minimum 25% discount if you are buying more than 50 SSL certificates per annum from any CA. Please email your enquiry to [email protected] or complete the following form
CBT Solutions has invested in unmatched Support Centre services.
• Live online Support for technical enquiries
• 24x7 Telephone Helpdesk for technical enquiries – +44 (0)1908 200 987
• Livechat for sales support enquiries
Contact us for Support on all aspects of buying and installing Web Assurance products.
Call +44 (0)1908 200 987 and we’ll walk you through the order process.
We take your satisfaction very seriously so if you don’t get it we want to know. If you enjoyed the experience let us know about it – email [email protected]
CBT Solutions are active supporters of Get Safe Online - the UK Government's preferred online security advice channel.