CRE Loaded PCI Security

PCI Security requirements are one of the most significant developments of the past decade. Developed as a result of an alliance of Payment Card Associations, the PCI Standards provide a central focus for the security efforts of all members. They are also the subject of a great deal of confusion among the merchants and service providers who now have to deal with implementing requirements and validating compliance.

As eCommerce Hosting and IT operations specialists we deal with PCI compliance every day. We also see a number of misconceptions about it presented across the web, many of them by so called experts. Among those is the assertion that if you just use this payment module or that software package, none of this needs to apply to you. The PCI Standards very clearly state that they apply to every business that accepts payments using payment cards of any type serviced by the member Payment Card Associations. This includes Visa, MasterCard, American Express, Discover and any card brand owned by these companies. If your business accepts these cards by any means, you are subject to PCI Compliance. Other misconceptions include the idea that once achieved PCI Compliance is finished or that the use of one "super-vendor" can make you compliant. You may find the PCI Standards Organization's pdf download "10 Common Myth's of PCI DSS" to be of some help in dispelling these and 7 other potentially hazardous myths about the Data Security Standards. More information can be found at their website

Why is PCI Compliance So Important?

15 Million Americans succumbed to Identity theft costing US companies in 2005 nearly 56.6 Billion dollars! The Bureau of Justice Statistics states an estimated 3.6 million households were affected by identity theft during a 6-month period in 2004. If an entire year was considered, that could mean that 7.2 million households were affected in a 12 month period.

Consumerfraudreporting.org reports that Credit/Debit Card fraud accounts for 4.7% of internet fraud, costing victims an average of $223 each. Non-delivery of merchandise and/or payments costs the average victim a whopping $800 and adds up to 28.6% of reported fraud. Given consumer concern over the size of the issue, can your company afford NOT to invest in the basic security measures PCI Standards present?

Hosting-4-CRELoaded helps you to achieve and maintain PCI Compliance in two very important ways. We maintain our servers in a state of PCI compliance as a matter of routine at no extra cost to our clients. Then, we provide dedicated eCommerce IT operations management and support services for select shopping carts via our Site Operations Management program at very reasonable rates. Along with those services, we maintain IT records and services which can be used to meet PCI Compliance requirements and lower your total cost of operations.

Comodo HackerProof for PCI Compliance

Website hacking in shopping carts is up on the rise the last decade. As a linux systems administrator, I have repeatedly have customers come to me with cart code riddled with malicous code snips. How did they do it? They used FTP from keylogger trojans, insecure folder and file permissions, failure to rotate passwords on a regular basis and restrict employee usage of the internet white at work.

Keep your antivirus software up to date and running! If you run a windows network, ask your virus protection sales person about enterprise versions that will automatically centralize update tasks on all PCs. Your software suite should contain an advanced configurable firewall. Something like that will notify you whenever ANY file tries to make an outbound connection. If you are unsure what to do, consult a local computer GURU. The information contained in the request will tell you the domain or IP address. Your GURU can tell you where its going and why.
Insist that your host limit FTP connections to FTP over SSL (implicit/explicit) V3 or TLS v1.1 and deny insecure port 21 plain text logins.
PLESK & CPanel both assign a group name for the apache webserver. IIS uses MMC user rights management. If software documentation tells you to change the permissions on a file or folder to 777, please ignore that suggestion! Linux permissions are broken up into USER, GROUP, WORLD. The typical images folder should be 6775 Owner is your FTP user and the group is either nobody for Cpanel and psaserv I believe for apache. the 6 bit turns on special bits for UID (User Identification Digit) and GID (Group Indentification Digit) 77 gives user and group write permissions to a folder and 5 allows WORLD to execute files within that folder. Files should be 6664. Read/Write for USER & GROUP but only 5 (execute) for world. Your host should help you accomplish this.
Your passwords are like safe combinations. It's never wise to use a password more than once for years and years. Rotate them every six months and include come capital letters and numbers within, it. NEVER use common names within a password, either! Password: pasadena001 would not take any decent hacker that much time to break your passwords.
Employees who have free reign over company internet are going to cost you your business in cases where a data breach occured. They may have visited a vulnerable website and infected the company computer(s).
Secure encryption methods on your wireless router and turn OFF the SSID found on most beginning pages of a router setup page.

Data breaches will cost you money and lots of it. I will write more on that in a follow up article on the real cost of data breaches. I do recommend PCI rule 6 scanning on your website at the VERY LEAST. Here is some information you may found use for PCI compliance services.

Hackerproof PCI Security What Comodo HackerProof Includes

When you display the HackerProof trust mark, you can be sure that your site is verified by Comodo, the brand that over 100 million people associate with security and trust.

The Comodo HackerProof service provides you with:

The HackerProof trustmark to display on your website.
A daily vulnerability scan, testing your site for security holes and ensuring it meets HackerProof's trust mark standards.
A web-based management tool to analyze the results of your A/B testing and increase in conversions on those pages served with the trustmark.

Use The Power of the HackerProof Trustmark

Putting the trustmark on your website converts visitors to buyers.

Take The No Risk HackerProof Challenge Today

PCI Scan Compliancy from $220/YR with HackerGuardian from Comodo Group, Inc.

Only $220/YR PCI Scanning enables merchants to validate PCI compliance quarterly on up to five servers using the full complement of HackerGuardian plug-ins (over 30,000 individual vulnerability tests with more added daily). Get 'Ready-to-submit' PCI compliance reports to send to your merchant bank. Detailed reports identify security holes exposed by HackerGuardian's 30,000+ tests and contain actionable fix recommendations.

Features Credit Card logo confirming your trustworthiness to take credit card details online
Secure web-based interface allows you to schedule up to ten PCI scans per quarter on up to five servers
IP Address Packs can be added to your license to allow you to scan additional external and internal IP addresses
Now includes internal vulnerability scanning in the cloud using patent-pending technology
PCI 'self assessment' questionnaire available via online wizard

Why do eCommerce sites need PCI Scanning?

You are an online merchant with between one and five servers that must provide proof of PCI Scan Compliance to their merchant bank
Purchase an Additional IP Address Pack and run scans over an additional number of IP addresses
You need comprehensive post scan reporting alongside precise, actionable threat mitigation advice
You need automatically generated, 'ready-to-go' PCI Scan Compliance reports for multiple servers and server types that can be immediately submitted to an acquiring bank
You would benefit from the versatility and convenience of running up to ten fully featured on-demand scans per quarter to achieve PCI Scan Compliance
HackerGuardian PCI Scan Compliancy customers receive a Credit Card logo for their website
Gain competitive advantage by reassuring customers that you are authorized to accept credit cards by placing a high visibility trust indicator on your website

Subscribe Now

e-Commerce SSL certificates for secure transactions

e-Commerce secure transactions require a higher level of assurance than standard SSL digital certificate usage. Simply displaying a padlock will not assure your customer the validity of the company behind the website. The following range of digital SSL certificates are designed specifically to provide that level of assurance backed by a financial warranty.

According to a prominent e-retailer magazine, the range of conversion improvements achieved through the use of SSL security logos like GeoTrust, Verisign and Comodo varies amongst ecommerce websites with average gains between 5 percent to 10 percent. Small, unknown companies typically experience even higher conversion rates because consumers are more likely to be fearful of shopping with them since they don’t know if some of them are legitimate businesses—let alone have confidence in their security systems. In the same article, 37% of consumers told Forrester that security concerns would affect their online shopping to some extent while 39% said it wouldn’t affect their holiday shopping at all ¹

¹ Internet Retailer (March 2006 issue) titled, Hand-holding: Fraud-weary consumers look for the seal of approval, by Lauri Giesen.

GeoTrust True BusinessID® with EV SSL $199


Boost your open source ecommerce online sales with new Extended Validation Certificates. Help protect your open source ecommerce site from phishing scams and increase your customer transactions with True BusinessID^® with EV SSL. True BusinessID^® with EV SSL comes with the highest levels of identity authentication, up to 256-bit encryption, and the GeoTrust True Site® seal, to help maximize your Internet security coverage and online sales potential. Increased customer confidence means more transactions. Web sites secured with an EV certificate display a green address bar to demonstrate to customers they have reached a highly authenticated site when viewed with high security browsers. Microsoft Internet Explorer 7 displays the green address bar and future releases of Firefox and Opera will also support this new feature. In addition to the green address bar, an adjoining field displays both the names of the organization that owns the Web site and the CA that issued the certificate, GeoTrust. These enhanced interface features are immediately visible and help assure customers they are on their intended Web site and not on a fraudulent site. Extended Validation features help foil phishing. True BusinessID with EV certificates require the most thorough identity authentication process performed today in order to be sure that any organization certified exists. The green address bar displaying the organization’s name and GeoTrust as the Certification Authority is difficult for a malicious site to imitate. These two core aspects of the EV standard combine to create a strong defense against phishing scams. Help your customers gain the security of the green address bar. True BusinessID^® with EV comes with EV Upgrader^™, the first technology to ”upgrade” all IE7 on Windows XP clients to turn their browser address bar green when they visit your EV certified Web site. EV Upgrader is available through the GeoTrust True Site Seal, and allows the widest set of browsers to display EV SSL’s unique interface conventions. CAs that offer EV certificates without EV Upgrader functionality cannot guarantee that all IE7 clients will experience the benefits of EV SSL. Protect your customers with strong encryption and reassure them with a verification seal. True BusinessID^® with EV is a next-generation web trust service that combines SSL certificates that enable up to 256-bit encryption and an identity verification seal in a single bundle. That means a new level of online security for your customers and a potential increase in business activity and revenue generated by your Web site. (The level of encryption achieved depends on the customer’s browser and the cipher suite installed on your web server.) Built upon existing SSL protocol, True BusinessID^® with EV is backward-compatible with browsers and servers available prior to the establishment of the Extended Validation standard. These older browsers will present the new EV SSL certificates the same way as traditional SSL certificates.
Encryption	256-bit
Security Method	iSSL encryption
Validation Required	Thorough
Validation Procedure	Manual process Verify domain ownership Verify entity Verify authority
Browser Trusted
Browser Compatibility	99.3%
Technical Support	Standard
Support Type	Email and phone
Provisioning Length	1-2 business days
Certificate Issued	1 domain name
Recognized Internationally
Secure Root Server
Installation	Quick and painless
Security web lock will appear:	Locked
Assurance Type	High
Registered certificate authority product	Single Root Certificate Authority
Warranty	$10,000.00
Trust Logo
* 256 bit encryption supported by compatible servers and clients. e.g. Apache 2 and Firefox.

SBS Secure SSL Certificate $75/yr


Secure Online Transactions and Applications with Confidence SBS Secure SSL offers the latest in 128-bit SSL encryption. Our Certificates are accepted by over 99% of all browsers, are fully validated and insured, and are still priced lower than our competitors! Full Validation SSL certificates also encrypt data sent between two parties with the same encryption technology. Full validation certificates not only verify the identity of the SSL certificate with an email to the administrative contacts, but they also provide a higher level of identification. Full validation certificates verify that the certificate owner is a legal entity, whether that entity is a business or individual. This not only helps ensure that the certificate is valid, but that the business entity you are conducting commerce with is a valid entity. Full validation certificates therefore help ensure that data is securely sent over the Internet to a trusted entity.
Encryption	256-bit
Security Method	SSL
Validation Required	Thorough
Validation Procedure	Manual process Verify domain ownership Verify entity Verify authority
Browser Trusted
Browser Compatibility	99.3%
Technical Support	Standard
Support Type	Email and phone
Provisioning Length	1-2 business days
Certificate Issued	1 domain name
Recognized Internationally
Secure Root Server
Installation	Quick and painless
Security web lock will appear:	Locked
Assurance Type	Low
Registered certificate authority product	Single Root Certificate Authority
Warranty	$75,000
Trust Logo	None
* 256 bit encryption supported by compatible servers and clients. e.g. Apache 2 and Firefox.
Buy Now

GeoTrust True BusinessID® $160/yr


If you’re looking for end-to-end Internet security coverage, True BusinessID^® from GeoTrust is the answer. This bundled package of SSL certificates and True Site® site seal delivers unsurpassed browser and server recognition, as well as airtight access protection and fraud prevention. The most secure encryption technology you can buy. True BusinessID^® is the only next generation web trust service that combines provides SSL certificates that enable up to 256-bit encryption and an identity verification seal in a single bundle. That means a new level of online security for both you and your customers, and a corresponding increase in business activity and revenue generated by your web site. Convenient online installation and renewal. Getting started with True BusinessID^® is hassle-free. We’ll provide easy-to-follow online installation instructions so you can put True BusinessID^® to work right away. We will even notify you of renewal requirements in advance so you can be sure that your True BusinessID^® is always operating at optimal levels – seamless protection for your online business, and important 24x7 assurance for your customers. Grow your business with patented “Smart Seal” technology. Our patented “Smart Seal” technology resides on your web pages, automatically identifying your site as genuine, authentic, and validated by an independent third party. When a customer clicks on the True Site seal, the server automatically performs a domain look-up to verify they’re visiting a legitimate site. The result? Greater customer confidence and 24x7 assurance, more e-commerce activity – and a significant increase in online revenue. This GIF is a sample snapshot of the True Site site seal. The actual site will disable right click and save features and will display YOUR company name and a live date / time stamp.
Encryption	256-bit
Security Method	iSSL encryption
Validation Required	Thorough
Validation Procedure	Manual process Verify domain ownership Verify entity Verify authority
Browser Trusted
Browser Compatibility	99.3%
Technical Support	Standard
Support Type	Email and phone
Provisioning Length	1-2 business days
Certificate Issued	1 domain name
Recognized Internationally
Secure Root Server
Installation	Quick and painless
Security web lock will appear:	Locked
Assurance Type	High
Registered certificate authority product	Single Root Certificate Authority
Warranty	$10,000.00
Trust Logo
* 256 bit encryption supported by compatible servers and clients. e.g. Apache 2 and Firefox.
Buy Now

EV SSL Certificate Extended Validation SSL with 256 Bit Encryption $370.75/yr

EV SSL Certificate $371/yr

Make more money and lower cart abandonment with Extended Validation SSL

EV SSL Certificate

Over 1/3 of your site's visitors use a browser made for EV SSL, including IE 7, Firefox 3, Opera 9.5. Their browsers tell them that you are trustworthy through the presence of a green bar near the address. With one out of three people relying on the green bar to appear in their browser, what would you rather show them about how trustworthy an emerchant you are?

The green address bar builds trust and makes a difference between purchasing and abandonment during checkout. People are expecting their browsers to tell them if it's safe to do business with you, and an EV SSL certificate tells them loud and clear. To enable all your visitors to fully trust you an Extended Validation SSL certificate is now required for over 1/3 of your visitors and growing.

Your visitors are looking for the green bar, will you have it?

Let our certified linux technicians assist you with your order, today.

Sites with EV SSL benefit through:

Increased conversion rates
Lower shopping cart abandonment
Increased customer satisfaction
Competitive differentiation
Highest protection against phishing

What you get with Comodo EV SSL:

Recognized by all popular browsers, 99.3%
A great price so you make more sales and fit more in your budget.
128/256 bit SSL encryption
Dedicated account manager + Email and Web support
Free priority phone support to make installation easy.
30 day refund policy
$250,000 warranty
Unlimited re-issuance

Free additional products to help you make the most of your Comodo EV SSL certificate

comodo EV Corner of Trust site Seal ($119 value)
EV Auto Enhancer Chained CA enables green bar on first page load
HackerGuardian Vulnerability Scan - for merchants accepting credit cards as method of payment from their customers, HackerGuardian will help you to validate your PCI Compliance to the Data Security Standards set by the Payment Card Industry.

Comodo EV SGC SSL Certificates starting at $538/yr with free EV Enhancer to convert sales and prevent cart abandonment

Comodo EV SGC SSL Certificates

Comodo SGC EV SSL E-commerce merchants are going beyond the gold padlock to go green with Extended Validation SSL certificates, the e-commerce standard for trust and security. The green browser address bar, exclusive to EV SSL certificates, assures website visitors that they are transacting on a highly trusted and secured domain. The EV SSL certificate was designed to strengthen e-commerce security and combat phishing attacks to make EV SSL the most complete SSL certificate available. Visual assurance helps e-commerce merchants increase trust, reduce shopping cart abandonment, and build long-term revenue.

Obtaining an Extended Validation SSL certificate requires a rigorous validation performed by Comodo, a registered Certificate Authority (CA). This is required to ensure that the company behind the site meets Extended Validation standard. These strict validation guidelines help keep the green address bar associated with only trusted organizations to maintain the highest level of security and trust with visitors:

Server Gated Cryptography (SGC) extends modern 256bit encryption capabilities to older browsers normally capable of only 40bit encryption. This greatly improves the privacy and security of each secured connection.

Green address bar
Highest assurance certificate
2048-bit, next generation SSL
$250,000 warranty

99.3% of browser ubiquity
SGC, older browser compatibility brings it's encryption up to date
Priority phone support
Free Comodo TrustLogo

Why choose Comodo?

The Comodo brand is recognized with a variety of security products, ranging from Comodo Security Solution's award-winning desktop security products to Comodo CA's portfolio of e-commerce merchant tools. The Comodo brand is recognized by consumers worldwide as a leader in security. By employing Comodo branded solutions on their website, such as EV SSL certificates, e-merchants can leverage the relationship Comodo has built with millions of consumers worldwide to establish trust with their own customers. Because of our progressive approach to e-commerce security, you can also expect to find innovative and patent-pending technologies implemented into all of our products, keeping you on the bleeding edge of the technology curve

The benefits:

Boosted consumer confidence with the Green Address Bar, exclusive to EV SSL
Reduced shopping cart abandonment
Increased conversion rates
Ease of EV deployment by using our patent-pending EV AUTO-Enhancer technology
Protect your customers from phishing attacks

Order Now $538.80 (SRP $799)

InstantSSL By Comodo $89.95/yr

InstantSSL Certificates enable you and your customers to complete transactions with the assurance that no one else can read or change information as it travels over the Internet. This leads to increased visitor conversion rate, lower Web site abandonment and an increase in average purchase price. InstantSSL SSL certificates are made for securing leading web sites and company networks. Trusted by over 99% of current browsers, InstantSSL certificates are the affordable and professional solution to securing web servers. All orders include a free HackerGuardian Vulnerability Scan and Corner-of-Trust trustmark. This free tool included in your SSL certificate offers five free scans over three IP addresses. For home users or network administrators, this tool helps identify potential security threats on internet connected devices, or test and validate PCI Compliance. HackerGuardian is a PCI Compliance tool by Comodo CA Limited, an Approved Scanning Vendor (ASV). HackerGuardian helps merchants validate their PCI Compliance to the PCI Data Security Standards (PCI DSS).
Encryption	128/256 bits
Security Method	iSSL encryption
Validation Required	Thorough
Validation Procedure	Manual process Verify domain ownership Verify entity Verify authority
Browser Trusted
Browser Compatibility	99.3%
Technical Support	Starndard
Support Type	Email , Web, Telephone
Provisioning Length	1-2 business days
Certificate Issued	1 domain name
Recognized Internationally
Secure Root Server
Installation	Quick and painless
Security web lock will appear:	Locked
Assurance Type	High
Registered certificate authority product	Single Root Certificate Authority
Warranty	$10,000.00
Refund	30 Days
Trust Logo	Each InstantSSL Certificate comes with a FREE TrustLogo worth $119.00. By giving your customers real-time identity assurance via simple "Point-to-Verify" technology, Comodo trustmark authenticates your online identity and gives your customers the confidence to buy from your site.
* 256 bit encryption supported by compatible servers and clients. e.g. Apache 2 and Firefox.
Buy Now

InstantSSL Pro by Comodo Group $115.89

InstantSSL Pro Certificates enable you and your customers to complete transactions with the assurance that no one else can read or change information as it travels over the Internet. Transactions are insured up to $100,000 with a maximum transaction of $10,000.00 This leads to increased visitor conversion rate, lower Web site abandonment and an increase in average purchase price InstantSSL SSL certificates are made for securing leading web sites and company networks. Trusted by over 99% of current browsers, InstantSSL certificates are the affordable and professional solution to securing web servers. All orders include a free HackerGuardian Vulnerability Scan and Corner-of-Trust trustmark. This free tool included in your SSL certificate offers five free scans over three IP addresses up to 90 days. For home users or network administrators, this tool helps identify potential security threats on internet connected devices, or test and validate PCI Compliance. HackerGuardian is a PCI Compliance tool by Comodo CA Limited, an Approved Scanning Vendor (ASV). HackerGuardian helps merchants validate their PCI Compliance to the PCI Data Security Standards (PCI DSS).
Encryption	128/256 bits
Security Method	iSSL encryption
Validation Required	Thorough
Validation Procedure	Manual process Verify domain ownership Verify entity Verify authority
Browser Trusted
Browser Compatibility	99.3%
Technical Support	Starndard
Support Type	Email , Web, Telephone
Provisioning Length	1-2 business days
Certificate Issued	1 domain name
Recognized Internationally
Secure Root Server
Installation	Quick and painless
Security web lock will appear:	Locked
Assurance Type	High
Registered certificate authority product	Single Root Certificate Authority
Warranty	$100,000.00
Refund	30 Days
Trust Logo	Each InstantSSL Certificate comes with a FREE TrustLogo worth $119.00. By giving your customers real-time identity assurance via simple "Point-to-Verify" technology, Comodo trustmark authenticates your online identity and gives your customers the confidence to buy from your site.
* 256 bit encryption supported by compatible servers and clients. e.g. Apache 2 and Firefox.
Buy Now

Quick Validation SSL Certificates

Quick validation digital SSL certificates rely on domain registration information to validate the certificate owner. Their intended purposes are for server certificates such as courier smtp and purftpd services. They often will not carry a third party financial warranty and convert less customers. If you operate a blog, content management system or any other type of web application requiring a securely encrypted login, these certificate types are best suited for your needs. Make sure the email and telephone number on the domain registration is current before ordering these types of certificates.

Quick SSL Premium $125/yr


Secure Online Transactions and Applications with Confidence GeoTrust QuickSSL Premium certificates are the most convenient and cost effective solution for any business that needs to conduct secure online transactions. These certificates enable up to 256-bit encryption and instill confidence and trust in your customers and business partners when providing sensitive information over the Web or mobile devices. SSL Certificates Delivered Fast and Cost-Effectively Unlike other SSL products, you don't have to wait days to get your certificates — GeoTrust will issue your QuickSSL Premium certificate in about 10 minutes with our fully automated authentication and issuance process. This process verifies that a certificate purchaser has appropriate administrative rights to a web server's domain. This greatly lowers our costs for issuing QuickSSL certificates, and we pass those savings on to you. Plus, QuickSSL Premium includes a dynamic site seal. This prominently displayed GeoTrust QuickSSL Premium site seal guarantees online visitors they will receive the highest level of encryption possible and assures that credit card numbers, account numbers and other confidential and sensitive information cannot be intercepted or altered. Other Features and Benefits of QuickSSL Premium Certificate Include: Fully owned roots. GeoTrust owns all of its roots, and as a result, all of our certificates offer the highest level of stability. Unlike other companies which issue certificates off chained roots or license roots from third parties, GeoTrust is able to offer customers an assurance of root stability throughout the lifetime of every certificate. Warranty. QuickSSL Premium certificates are covered by the GeoSure protection plan with up to $100K in protection. Coverage includes loss of use, theft, or corruption. Unlimited, free self-service reissues. GeoTrust provides a quick and easy way to reissue any certificate at no charge. Certificates may need to be reissued when upgrading or changing server software or operating platform; if migrating your site from one server to another, or If an existing private key has been lost, destroyed or inadvertently overwritten. After re-validating certificate information online, the new certificate is issued immediately and is valid from the date of reissue until the original expiration date. Competitive trade-in program. GeoTrust provides a simple way to upgrade from another vendor’s certificates or transition multiple certificates from disparate certificate vendors. The competitive trade-in program allows you to retain the full value of existing certificate investments, by adding the remaining validity period of any active vendor certificates to your new GeoTrust certificates — up to 12 additional free months depending on when your current certificate expires. Multi-year certificates. QuickSSL Premium is available in multi-year validity periods at significant cost savings. Plus, you avoid the process of renewing certificates every year. Automatic renewal reminders and early renewal options. With QuickSSL Premium, administrators are automatically notified when their certificates are close to expiration, so certificates are always valid. GeoTrust also allows administrators to renew certificates up to 90 days early and receive up to three months credit on new certificates. Customer support options. QuickSSL Premium offers optional customer support services for those customers that need assistance installing and maintaining their certificates. Highest Standards for Certificate Practices and Physical Security As the world’s second largest Certificate Authority, GeoTrust provides the highest assurance of trust to all its customers. GeoTrust maintains compliance with WebTrust, a comprehensive third-party auditing process which signifies that GeoTrust meets the highest standards for issuing and managing digital certificates. GeoTrust also leverages the best possible physical infrastructure and network security to maintain customer accounts and certificate data. Our state of the art hosting facilities are fully redundant and hardened data and network operations centers that meet stringent WebTrust standards for physical and network access control. Independent security auditors also carefully scrutinize the physical systems, the software configurations and the processes and procedures used by all GeoTrust personnel.
Encryption	256-bit
Security Method	SSL
Validation Required	Basic
Validation Procedure	Automatic process Verify domain ownership via email
Browser Trusted
Browser Compatibility	99.3%
Technical Support	Standard
Support Type	Email and phone
Provisioning Length	10 Minutes
Certificate Issued	1 domain name
Recognized Internationally
Secure Root Server
Installation	Quick and painless
Security web lock will appear:	Locked
Assurance Type	Low
Registered certificate authority product	Single Root Certificate Authority
Warranty	$100,000
Trust Logo	This GIF is a sample snapshot of the QuickSSL Premium site seal. The actual site will disable right click and save features and will display a live date / time stamp much like the True Site displayed on the bottom of this page
* 256 bit encryption supported by compatible servers and clients. e.g. Apache 2 and Firefox.
Buy Now $125/yr

RapidSSL Certificate $16.95/yr


RapidSSL is a 128 / 256 bit single root SSL certificate. RapidSSL owns the root used to issue RapidSSL certificates making it a stable SSL offering. RapidSSL is already present in the IE 5.01+, Netscape 4.7+ and Mozilla 1+ browsers and many other new Windows and Mac based browsers. RapidSSL Certificates have a browser recognition of around 99% and are ideal for websites conducting low volume / low value ecommerce transactions. If your transaction volume and value warrants an SSL certificate from a known brand, or you require advanced site seal technology, please refer to our Professional Level SSL certificates section. The lowest cost single root install SSL certificate available Immediate SSL certificate issuance 24/7/365 Multi-year savings available - 1 to 5 year certs available Automated two step online validation - no paperwork Web and email support - 9am to 5pm EST Strong 128 / 256 bit encryption, industry standard SSL FREE "Secured by RapidSSL" site seal Risk free: 7 day refund and reissue policy Delivered in minutes, installed in seconds
Encryption	128/256-bit*
Security Method	SSL
Validation Required	Basic
Validation Procedure	Automatic process Verify domain ownership via email
Browser Trusted
Browser Compatibility	99.3%
Technical Support	Standard
Support Type	Email and phone
Provisioning Length	1-2 hours
Certificate Issued	1 domain name
Recognized Internationally
Secure Root Server
Installation	Quick and painless
Security web lock will appear:	Locked
Assurance Type	Low
Registered certificate authority product
Warranty	$10,000
Trust Logo
* 256 bit encryption supported by compatible servers and clients. e.g. Apache 2 and Firefox.
Buy Now $16.95

SBS Instant SSL $24.75

NEW! A quick and cost effective starter certificate that provides a up to 256-bit encryption. This new product is perfect for companies that want to get up and running with SSL quickly and easily.
Encryption	128/256-bit*
Security Method	SSL
Validation Required	Basic
Validation Procedure	Automatic process Verify domain ownership via email
Browser Trusted
Browser Compatibility	99.3%
Technical Support	Standard
Support Type	Email and phone
Provisioning Length	1-2 hours
Certificate Issued	1 domain name
Recognized Internationally
Secure Root Server
Installation	Quick and painless
Security web lock will appear:	Locked
Assurance Type	Low
Registered certificate authority product
Warranty	No
SBS Trust Logo	None
* 256 bit encryption supported by compatible servers and clients. e.g. Apache 2 and Firefox.
Buy Now$24.75

GeoTrust Quick SSL

Quick SSL
With GeoTrust QuickSSL web server certificates, you can start conducting secure online transactions with confidence, quickly and cost effectively. By activating the browser's "LOCK" icon, QuickSSL enables up to 256-bit encryption and assures online visitors that confidential information and transactions cannot be viewed, intercepted or altered. And because our authentication system is the most advanced in the industry, your customers and trading partners can be sure that GeoTrust certificates are only issued to fully authorized recipients. SSL Certificates Delivered Fast and Cost-Effectively Unlike other SSL products, you don't have to wait days to get your certificates — GeoTrust will issue your QuickSSL certificate in about 10 minutes with GeoTrust’s fully automated authentication and issuance process. This process verifies that a certificate purchaser has appropriate administrative rights to a web server's domain. This greatly lowers our costs for issuing QuickSSL certificates, and we pass those savings on to you. QuickSSL Certificate Features and Benefits Include: Fully owned roots. GeoTrust owns all of its roots, and as a result, all of our certificates offer the highest level of stability. Unlike other companies which issue certificates off chained roots or license roots from third parties, GeoTrust is able to offer customers an assurance of root stability throughout the lifetime of every certificate. 99%+ browser ubiquity. QuickSSL certificates are issued off of one of the world’s most trusted roots. They deliver ubiquitous recognition with leading servers and 99%+ web browser recognition. Unlimited, free self-service reissues. GeoTrust provides a quick and easy way to reissue any lost certificate at no charge. Certificates may need to be reissued when upgrading or changing server software or operating platform; if migrating your site from one server to another, or If an existing private key has been lost, destroyed or otherwise inadvertently overwritten. After re-validating certificate information online, the new certificate is issued immediately and is valid from the date of reissue until the original expiration date. Competitive trade-in program. GeoTrust provides a simple way to upgrade from another vendor’s certificates or transition multiple certificates from disparate certificate vendors. The competitive trade-in program allows you to retain the full value of existing certificate investments, by adding the remaining validity period of any active vendor certificates to your new GeoTrust certificates — up to 12 additional free months depending on when your current certificate expires. Multi-year certificates. QuickSSL are available in multi-year validity periods at significant cost savings. Plus, you avoid the process of renewing certificates every year. Automatic renewal reminders and early renewal options. With QuickSSL, administrators are automatically notified when their certificates are close to expiration, so certificates are always valid. GeoTrust also allows administrators to renew certificates up to 90 days early and receive up to three months credit on new certificates. Customer support options. QuickSSL offers optional support services for those customers that need assistance installing and maintaining their certificates. Highest Standards for Certificate Practices and Physical Security As the world’s second largest Certificate Authority, GeoTrust provides the highest assurance of trust to all its customers. GeoTrust maintains compliance with WebTrust, a comprehensive third-party auditing process which signifies that GeoTrust meets the highest standards for issuing and managing digital certificates. GeoTrust also leverages the best possible physical infrastructure and network security to maintain customer accounts and certificate data. Our state of the art hosting facilities are fully redundant and hardened data and network operations centers that meet stringent WebTrust standards for physical and network access control. Independent security auditors also carefully scrutinize the physical systems, the software configurations and the processes and procedures used by all GeoTrust personnel.
Encryption	256-bit
Security Method	SSL
Validation Required	Basic
Validation Procedure	Automatic process Verify domain ownership via email
Browser Trusted
Browser Compatibility	99.3%
Technical Support	Standard
Support Type	Email and phone
Provisioning Length	10 Minutes
Certificate Issued	1 domain name
Recognized Internationally
Secure Root Server
Installation	Quick and painless
Security web lock will appear:	Locked
Assurance Type	Low
Registered certificate authority product	Single Root Certificate Authority
Warranty	$10,000
Trust Logo	or static
* 256 bit encryption supported by compatible servers and clients. e.g. Apache 2 and Firefox.