
Security by VeriSign

Savvy e-shoppers demand assurance that the sites they visit are completely safe and that their payments will be properly processed before they can confidently transmit sensitive information or purchase online, making security a top priority for every competitive Web business. SafeScript, in association with VeriSign, now brings you Secure Site Services, which give you everything you need to offer users of your Internet services the most trustworthy Web experience possible.

At the heart of our solutions are digital certificates, or Server IDs. Installed on your Web server, Server IDs allow visitors to submit information online with the assurance that they are really doing business with you and that the information they send you, such as credit card numbers, online forms, usernames/passwords and financial data, is protected from interception or alteration over the Web.

Global Server ID
These IDs address the problem of browser-dependent encryption capability. This unique product, offered only by VeriSign, imposes a 128-bit SSL session between the browser and the Web server, irrespective of whether the browser is the US version or the international version. The website owner therefore does not have to worry about which browser the end user is using. He can be sure that, whatever the case, the website will have the highest level of security possible, with 128-bit encryption.

Secure Server ID
These Server IDs set up a browser-dependent SSL session. In other words, if the user's browser is located in the US and can support 128-bit encryption, it enables 128-bit encryption. But if the browser is located outside the US and hence capable of supporting only 40-bit encryption, it uses 40-bit encryption. Since, on a global scale, most browsers have basically 40-bit encryption capability, these Server IDs are commonly referred to as "40 bit certs". The other "128bit certs" offered in the market today are equivalent only to the Secure Server ID from VeriSign. VeriSign is the only organization in the world which offers a true 128-bit, browser-independent web server certificate, i.e. the Global Server ID.

Security by Baltimore

Why PKI?
PKI builds on and maintains trusted relationships across the supply chain. A PKI secures mission-critical transactions and allows organizations to make a safe transition from paper-based businesses to true electronic businesses, creating effective e-business solutions.

PKI is designed for...
- ENCRYPTION: for information confidentiality.
- AUTHENTICATION: of users over closed or open networks.
- INTEGRITY: of data transmitted over closed and open networks.
- NON-REPUDIATION: for transactions.

PKI is not only software or hardware. It is an infrastructure. It is a distributed system. It is a combination of products, services, facilities, policies, procedures, agreements and people. It is a combination of encryption algorithms, data formats, communication protocols, and derived tools designed for the secure communications that enterprise use of public key cryptography requires. When individuals or organizations start participating in the PKI, they begin with a pair of "keys". One of the keys is secret (private) and the other is published (public) and stored in a public key repository. Any transaction or message encrypted using the private key can be decrypted by using the corresponding public key.

A PKI consists of...
- A Certificate Authority (C.A.), a body that has the authority to grant and revoke certificates. A certificate includes the public key or information about the public key.
- A Registration Authority (R.A.) that acts as the verifier for the certificate authority before a digital certificate is issued to a requestor.
- One or more directories where the certificates with their public keys are held.
- A Certificate Management System.

What is a CA?
A CA is a body that has the authority to grant and revoke certificates. A CA can be any trusted authority willing to vouch for the identities of those to whom it issues certificates. The CA sets usage and operational policies, spelling out the responsibilities of those to whom it grants certificates. A CA is an authority in a network that issues and manages security credentials and public keys for message encryption.

Digital Certificates:
PKI creates certificate documents digitally signed by a CA acting as a Trusted Third Party (TTP). These certificates are signed using the CA's private key. In the virtual e-market, where paper and plastic transactions do not exist and there is no personal interaction, these certificates are the basis for establishing identification, authorization, confidentiality and non-repudiation for integrity of the subject.

Business Model of GNFC CA/TTP
Some of the tasks of the CA are as follows:
- Setting up a hierarchy of CA signing keys and certifications.
- Processing certificate requests.
- Issuing approved certificates.
- Generating key pairs (public and private).
- Maintaining the certificate database.
- Key and certificate updating.
- Renewing certificates.
- Revoking certificates and issuing a Certificate Revocation List (CRL).
- Publishing key details (in directory services).
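
The CA tasks listed above (issuing after RA verification, signing with the CA's private key, publishing to a directory, revoking through a CRL) can be followed end to end in a short sketch. This is an added example, not code from SafeScript, Baltimore or GNFC; the names ToyCA, make_keypair, digest and verify are hypothetical, and textbook RSA over constructed sample keys stands in for a real signature scheme.

```python
# Added illustration (not from the original page): a toy CA that issues,
# publishes and revokes certificates. Textbook RSA over well-known Mersenne
# primes, no padding: for study only, never for real keys.
import hashlib
import json

E = 65537  # public exponent used by every key in this sketch

def make_keypair(p, q):
    """Return (public, private) textbook-RSA keys built from two primes."""
    n = p * q
    return {"n": n, "e": E}, {"n": n, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(fields, n):
    """Hash the certificate fields to an integer below the modulus."""
    data = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

class ToyCA:
    def __init__(self, public, private):
        self.public, self._private = public, private
        self.directory = {}  # serial -> published certificate
        self.crl = set()     # serials of revoked certificates

    def issue(self, subject, subject_public, ra_approved):
        """Sign a certificate, but only after the RA has vetted the requestor."""
        if not ra_approved:
            raise PermissionError("RA has not verified " + subject)
        fields = {"serial": len(self.directory) + 1, "subject": subject,
                  "public_key": subject_public}
        key = self._private
        cert = {"fields": fields,
                "signature": pow(digest(fields, key["n"]), key["d"], key["n"])}
        self.directory[fields["serial"]] = cert
        return cert

    def revoke(self, serial):
        self.crl.add(serial)  # published to relying parties as the CRL

def verify(cert, ca_public, crl):
    """Relying-party check: CA signature first, then the revocation list."""
    expected = digest(cert["fields"], ca_public["n"])
    if pow(cert["signature"], ca_public["e"], ca_public["n"]) != expected:
        return "bad signature"
    return "revoked" if cert["fields"]["serial"] in crl else "valid"

# Constructed sample keys: Mersenne primes 2**521-1, 2**607-1, 2**127-1, 2**89-1.
CA_PUB, CA_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
SHOP_PUB, _ = make_keypair(2**127 - 1, 2**89 - 1)
```

A relying party needs only the CA's public key and the current CRL to call verify; changing any certificate field after issuance makes the signature check fail.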

Virtual Certification Authority (VCA)
The root CA can also support VCA, a mechanism that supports multiple independent CAs on one workstation. All certificates issued by the VCA will be known to originate from the trusted root CA. Each CA is independent of the other VCAs and will have its own web pages, certificate format, authorization mechanism and renewal process.

What does it mean to the rest of the world?
Any organization, such as banks, institutions, credit card companies and stock traders, can use the secure CA to host its operations as a VCA.

Security and trust offered by CA
The CA offers SET (Secure Electronic Transaction) protocols for businesses to extend their activities securely onto the Internet. The SET protocol guarantees the confidentiality of all the buyer's payment data with regard to the trader, as well as the privacy of the commercial operations.

Significance of PKI in the Indian Scenario
Organizations: Use PKI to build relationships founded on trust with employees, partners and customers.
Corporations: A PKI enables companies to use digital certificates to replace easily forgotten and cracked user IDs and passwords, enabling secure single login.
Financial Services: A PKI enables banks and brokerage houses to give customers secure access to account information and lets them initiate trades and transfer funds with confidence.
Health Care Organizations: A PKI enables customers to securely check claim status and submit data without fear that private information will be intercepted or corrupted.
Software Distributors: A PKI enables software companies to digitally shrink-wrap software downloaded via the web, giving customers confidence that the software is genuine and has not been tampered with.
Publishers: A PKI helps magazine and newspaper organizations deliver content online, verify customer identities to grant access to different subscription levels, and assure readers of the authenticity of the source of content.
Secure E-Commerce: A PKI enables safe commerce that is crucial for building customer confidence and for facilitating safe commercial transactions on the web.