Proactive Security with Server-Gated Cryptography

Information is a critical asset to any business. With the rising threat of cybercrimes, businesses today need to be more proactive in taking adequate security measures to protect not only their data, but that of their customers.

As a new whitepaper by server-gated cryptography provider thawte points out, e-commerce businesses using SGC (News - Alert)-enabled SSL certificates can help guarantee stronger encryption, greater privacy and reduced risks of fraud and identity theft. “This is not one person's or organization’s opinion. This is a fact – proven by the Yankee Group (News - Alert) who conducted exhaustive independent tests (368 to be exact) to arrive at this conclusion,” according to the whitepaper.

SGC technology originated in the late 1990s however, it remains as relevant today as it did when it was first introduced, thawte’s research maintains.

“The widespread growth of broadband globally will necessitate the use of technologies that are forward thinking and proactive,” the whitepaper said. “SGC is such a technology because, unlike other SSL certificates that rely on the user's browser being able to match a server's cipher suite, SGC helps users attain more secure connection by actually stepping up some users' browsers in specific situations.”

In fact, a Yankee Group study concluded, “SGC-enabled certificates enable more Windows 2000 users to connect with 128-bit encryption. This difference means tens of millions more internet users worldwide would get 128-bit encryption or higher if all e-commerce vendors used SGC-enabled certificates.”

Further evidence is found in a recent survey conducted by IBM (News - Alert): As many as 75 percent of those surveyed expressed concern for the growing cybercrime threat that will come from many unprotected computers in the developing world

“Proactive security will not only create a more secure digital environment for everyone, but it will also help to build trust amongst the many new users of the internet. Trust will build confidence and confidence is good for business,” the whitepaper said.

As thawte officials explained, SGC was created as an extension to SSL for consumers with export versions of Web browser software to use strong cryptography for financial transactions. To understand how an SGC-enabled SSL session differs from other SSL sessions, you need to understand how a normal SSL session works. A simplified SSL session looks like this:

1. The client/browser sends the server a list of supported ciphers;

2. The server chooses a cipher and sends that cipher along with its certificate back to the client/browser;

3. The client/browser verifies the server's certificate and extracts the server's public key;

4. The client/browser encrypts a secret using the server's public key and sends it to the server; and

5. The server decrypts the secret using its private key.

SSL encryption is a key component in protecting consumers’ online transactions. Its transparency to users will be a critical factor in reducing fraud.

To protect internet financial transactions, experts recommend that a minimum of 128-bit encryption be used. SGC-enabled SSL certificates, such as Thawte’s SGC SuperCerts, are the only SSL certificates that have the unique ability to step up encryption strength from the weak encryption to the much stronger 128-bit encryption.

Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO West 2011, taking place Sept. 13-15, 2011, in Austin, Texas. ITEXPO (News - Alert) offers an educational program to help corporate decision makers select the right IP-based voice, video, fax and unified communications solutions to improve their operations. It's also where service providers learn how to profitably roll out the services their subscribers are clamoring for – and where resellers can learn about new growth opportunities. To register, click here.

Stay in touch with everything happening at ITEXPO… follow us on Twitter