-
January 23rd, 2009, 04:04 PM
#1
EV SSL - worth it?
I'm considering switching over to Extended Validation certificates, but I'm wondering if it's worth it since the price difference is huge. We're currently paying $149 per year for a basic (Thawte SSL123) certificate; the EV certificate is a whopping $799 per year... All that just to get a green address bar?
Any opinions on this?
-
January 24th, 2009, 08:58 AM
#2
Depends on what you're doing. What kind of userbase will see the green bar?
http://www.usablesecurity.org/papers/jackson.pdf
The green bar is really the only improvement.
-
January 24th, 2009, 04:23 PM
#3
Thanks, Soda. I do think that our target audience may get an "I feel more secure" boost from the green bar, notwithstanding the excellent case made against the technology in the paper you posted... So, now I'll have to decide between spending $800/year to give our users that little extra (false) sense of security, or sticking with the $150/year one...
Pretty remarkable that that paper was cowritten by MS
-
January 24th, 2009, 04:37 PM
#4
If it was my dough you were going to spend, I would want to know what the consumers think, not the tech staff. Will the green icon turn a browser into a buyer?
I would think not, but consumers are fickle. Poll your customers and find out. Good topic for a focus group.
Perhaps the certificate vendor has already done this. Ask them.
csr
In God We Trust....Everything else we backup.
-
January 24th, 2009, 11:26 PM
#5
again, depends on the audience. @cheapscotchron, they might not be buying anything at all!
The participants who were asked to read the Internet Explorer help file were more likely to classify both real and fake sites as legitimate whenever the phishing
warning did not appear.
Neg, can you school your userbase or not?
-
January 25th, 2009, 01:13 AM
#6
Neg, can you school your userbase or not?
Not a chance
-
January 25th, 2009, 09:04 AM
#7
Interesting paper actually. It doesn't look like there is much of a difference between the two.. I agree, It really depends on the audience/how much money you are willing to spend.
-
January 27th, 2009, 06:31 PM
#8
Junior Member
Very interesting discussion here, as I was just recommending that a friend of mine who's opening up an online store invest in EV SSL. Another point is that I think it depends on what your website sells and the nature of the exchange of personal information -- there's a lot of studies out there to suggest increased ROI as a result of EV but most of it is related to abandoned "shopping carts," etc.
The green url bar is pretty much the only advantage, but it can't be duplicated by phishers, so it's less likely that a customer's info will be put at risk by spoofings of your site (which may or may not be important to you). Doesn't the CA also give you a more in-depth background check with EV SSL, or am I mistaken? That's potentially something you could taut, if it's worth the effort.
-
January 27th, 2009, 06:44 PM
#9
Yes, the vetting process for EV SSL is a little more in-depth - here's the Thawte write-up on it: https://www.thawte.com/ssl-digital-c...v_vetting.html
-
January 27th, 2009, 07:23 PM
#10
Junior Member
Originally Posted by Negative
Thanks, Negative, that's what I thought...that alone might be considered more valuable than the green url bar, although it's hard to communicate to potential customers who are unaware of EV.
Similar Threads
-
By Egaladeist in forum AntiOnline's General Chit Chat
Replies: 1
Last Post: November 4th, 2005, 04:01 AM
-
By stitches2990 in forum Newbie Security Questions
Replies: 3
Last Post: June 2nd, 2005, 08:19 AM
-
By d00dz Attackin in forum AntiOnline's General Chit Chat
Replies: 2
Last Post: May 1st, 2003, 09:21 PM
-
By Internet Hacker in forum AntiOnline's General Chit Chat
Replies: 10
Last Post: October 8th, 2002, 02:31 AM
-
By Juridian in forum Web Development
Replies: 4
Last Post: May 24th, 2002, 02:15 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|