People know to look for the gold padlock when transacting online. E-commerce stores know they need an SSL certificate to get the gold padlock. It’s something consumers have been told numerous times whether it was from a pre-holiday news special about protecting yourself online or from the family member that thinks they know everything about technology.

The gold standard for e-commerce has gone green.

By now, you have probably seen the green address bar when you are shopping at some of the largest internet retailers out there. The green address bar only shows up when the website has an Extended Validation (EV) certificate. This is the highest level of identity assurance that can be given to visitors. This interactive and noticeable visual indicator is an overlooked way to immediately improve customer confidence and reduce shopping cart abandonment.

What about the gold padlock?

The validation process (what the Certification Authority (CA) does in order to check out that the entity asking for the certificate truly is who they say they are) varies between vendors for different certificate types. SSL Certificates were all given the exact same visual indicator, the gold padlock, regardless of the level of validation. Most users couldn’t differentiate between a certificate issued where only the domain was checked versus a certificate where the entire organization was verified against third party sources. This causes confusion as the gold padlock represents a variable level of website identity assurance.

To combat this confusion, Comodo founded the CA/B forum. The forum comprised all of the largest Certificate Authorities and major browsers who vowed to work together to create the first true standard for issuing certificates. The results of their work are the new Extended Validation standards for Certificates. These new high-level standards have become the backbone of trust and validation.

Along with the standards, the CA/B forum created a new visual indicator, the green address bar, to convey this trust. Just like the gold padlock was pushed by the media, the green address bar picks up where it left off. The green address bar tells users that the site has met the highest validation standards available. Thanks to the green address bar, people who already know to look for a visual indicator can now rely on the meaning behind it.

The PA-DSS Protects E-Commerce Users
Over the past several years, Internet security has become quite a powerful discussion topic for online businesses as well as their customers.  With the advent of online banking, shopping and bill payment, the amount of confidential data shared on the Internet is constantly increasing exponentially.  As these online services multiply, it is becoming more and more imperative to confirm that sites engaging in e-commerce activities (including businesses utilizing online shopping carts such as Miva Merchant) are compliant with the PA-DSS.

PA-DSS, or the Payment Application Data Security Standard, is based on the Payment Application Best Practices (PABP) of Visa.  The PABP was first introduced in 2005 in order to aid in the creation of secure online payment applications by software vendors.  The PA-DSS was released in 2008 with the purpose of establishing all requirements that e-commerce merchants who utilize business web hosting services must follow in order to process credit card payments.  Miva Merchant 5.5’s online shopping cart software is completely up to date with all PA-DSS compliancy conditions.  These days, any online merchant must be able to prove that they are compliant with all PCI and PA-DSS prerequisites.

The Importance of PCI Compliance
The PCI in PCI compliance stands for Payment Card Industry.  The PCI was formed when each of the five major credit card companies (Discover, Visa, MasterCard, American Express and JCB) banded together to establish the guidelines online businesses must follow to accept credit card payments.  The PCI then composed the PA-DSS as the primary means to combat fraud and establish a sense of trust and security on the Internet. Read the rest of this entry »

Most small-to-medium sized businesses are using CMS (customer management systems), E-Mail (who isn’t? 5 year olds have email accounts now), to manage a web site, and occasionally share files between employee’s. Traditionally SMB’s (Small-to-medium sized Businesses) have had to either create their own internal hosting and communication systems or piece together many disjointed software programs and hardware devices to create their intranet. Time and expense add up and often times SMB’s go without all or some of the components they require. As such, there has been a need for an all-in-one solution that can tie all of these systems together for ease of use.

Web Hosts have also had a difficult time putting together an all-in-one solution for their customers. Hosters have created some crude control panels and options for customers, but nothing that creates a seamless integrated approach for a company to manage email, hosting, CMS, file sharing, and even an online store. There are literally thousands of options out there for Email, Hosting Platforms, CMS, File Sharing, and Operating Systems.  Web hosts have traditionally focused on managing the hosting experience and simply offer an assortment of software they think their customers want. These platforms are offered and supported to an extent, but most of the grunt work is left to the SMB’s IT department. Read the rest of this entry »