Video Screencast Help
Website Security Solutions
Showing posts in English
Tim Callan | 25 Aug 2007 | 0 comments

Regular readers of The SSL Blog will remember that DebtHelp.com was the first site apart from VeriSign to implement EV SSL Certificates. You will also remember that DebtHelp measured the results of deploying EV and determined that the green bars had raised conversions by 11% with a 16,000% ROI.

We have now published a full case study on DebtHelp's experience with EV SSL. Be sure to check it out...

Tim Callan | 23 Aug 2007 | 0 comments

One of the common misconceptions I run into is that the only sites targetted by phishers are banks. That hasn't been true for several years. Today we see phishing attacks against lotteries, utilities, search, e-commerce, social networking sites, online greeting cards, and taxes. And now job sites, thanks to the recently published phishing scheme against...

Tim Callan | 22 Aug 2007 | 0 comments

Firefox interface developer Johnathan Nightingale has assembled a bunch of research numbers on SSL in various contexts. He does a good job of reporting sources and even includes some commentary on his opinion on the validity of this research (which, obviously, you should decide if you agree with or not).

Tim Callan | 21 Aug 2007 | 0 comments

We can get so caught up in the EV SSL market adoption that it's easy to forget that more businesses than ever are choosing to display the VeriSign Secured Seal as well in order to demonstrate their high security practices. Today our theme is funmongers. Iconic toy store FAO Schwartz and big-box party supplier Party America are flaunting their VeriSign right on the home page. So don't let anyone tell you that security isn't fun.

Tim Callan | 20 Aug 2007 | 0 comments

This article from Forbes.com on the value of random testing in both physical and retail online environments includes this one line about the VeriSign Secured Seal:

Randomized Web pages have shown online retailers, sometimes after just a few hours, that displaying a VeriSign warranty can generate more sales.

This line comes in a paragraph about A/B split testing provider Offermatica. I wonder if Offermatica can share some of those results with the world. We'd love to see them.

Tim Callan | 17 Aug 2007 | 0 comments

I never got around to blogging this post, but it deserves mention. Apologies for that. Been a little busy.

You may know there's an idea to create a new TLD called .bank. The idea is that it would only be available to banks, making phishing more difficult. In my opinion it's a miniscule incremental improvement (among other problems, major banks aren't going to stop doing business on their old TLDs for many years, if ever, and consumers aren't going to stop trusting these TLDs for the same amount of time). eWeek editor Larry Seltzer rightly points out that if you're going to put indications of trustworthiness into the browser, a nice green bar and an EV SSL Certificate are probably the way to go.

Tim Callan | 13 Aug 2007 | 0 comments

Excuse the newspaper-headline-style pun, but I'm running out of ways to say, "Such and such a humongo site has put EV live." In this case you may already know that online travel leaders such as Travelocity and Opodo along with others like Alaska Airlines have already gone live with EV SSL Certificates.

And you may remember that...

Tim Callan | 03 Aug 2007 | 0 comments

The deployments of Extended Validation SSL are fast and furious now. I'll try to make some time in the next few days to write up a bunch of the new names that have put up EV SSL Certificates. Today I'd like to highlight Blue Cross for the province of Alberta. As I mentioned in my last post, EV is a worldwide phenomenon, and you will notice that this site is an example of that. However, I'm more intereted in the fact that Blue Cross is not a bank or e-commerce site, which describes the earliest adopters of Extended Validation. In this case it's a leading health care site. Health care information is highly confidential, and people take great care to keep it that way. Health care sites are also obvious targets for phishing attacks aimed at the personally identifiable...

Tim Callan | 01 Aug 2007 | 0 comments

I've mentioned in the past that Firefox is moving forward on incorporating support for EV SSL into its next release. Firefox security interface designer Johnathan Nightingale has written a decent amount about his ideas for the Firefox 3 security interface, of which EV is an important piece. You can wander around his blog (as linked above) and find many things to read about usability and interface design. I'll point out a few of them here.

Johnathan's slide deck for his recent presentation at the OSCON open source summit.

...