We just took a recent look at the various SSL certificate providers, link below and have come up with the following conclusion:

The SSL certificate market is becoming highly fragmented, with everybody and there dog, offering SSL certifcates, at rock bottom prices.

Verisign has their head in the sand with their high prices, but they don't need to convince that many fools, to make a buck, with their certificates being close to $1000 bucks a pop.

I would stick with a middle of the pack company, to ensure maximun browser compatibility, and a decent price.

http://www.securityspace.com/s_survey/sdata/200510/certca.html

[edited by: lorax at 7:56 pm (utc) on Nov. 18, 2005]
[edit reason] delinked [/edit]

The problem is that older browsers do not have native support for many of the new certificates. VeriSign does. We tried out a lower cost certificate last year and received a couple calls from people (I believe on older Macs) saying "your website is telling me it's not secure". That was enough for us to pay the VeriSign premium. It doesn't take too many lost sales to justify the extra cost. In five years I'm sure it will be a different story.

Your situation may be different, but I consider verisign certs to be HUGELY over priced.
I've used comodo and geotrust and both work fine, for around $50. IMO, if anyone is using a browser that doesn't recognise these certs, they are living in the dark ages, and I don't see the benefit of shelling out big money just to accomodate a few silly users who may or may not ever make a purchase.

With 14% of the SSL certificate market, I think the 5 years for waiting is up on Verisign. As their marketshare decrease, their base of installed certificates will steadily decline, as existing companies switch or go out of business, and their claim as "the leading SSL Certificate Authority" will be just hollow words.

Maybe this will help to answer your question the only reason that you need a cert on your site is if you are hosting the payment pages and are getting credit card or any other sensitve info on your site.

There is no point running a cert on a site that does not have any personal information stored if your payment page is a redirect to an https:// you do not need to concern yourself with a cert of anykind.

Hope this helps
Jason

Yup sorry forgot to mention that if you do need a cert a simply one should be fine like the one mentioned by FalseDawn in the previous posting

If you use their gateway. they will give you a seal to use as well.

-Corey

Hey guys thanks for the heads up but it is similiar to what does the online shopper know....A verisign cert at minimum cost can make the difference between a sale or no sale.

Shoppers like to see the BBB logo as well as the verisign logo because thats what they know even if there are shoppers who are knowledgable of how it works so it will make all the difference what I will do is just get a 40 bit cert and I should be fine.

Do you guys think that these aspects the BBB and the cert encourage online shoppers to buy...?

Any thoughts

Yes the security that is listed on your e-com site does give your consumers that extra level of confidence when purchasing and with the addition of VBV (verified by visa) and letting your customers know that you use AVS (address verification system) lets them know that your site is safe. Any other companies that do not directly deal with the safety and security of the online purchasing experience can actually do more harm than good. Take for example the BBB although I have nothing against them I am simply answering a question that was posed and am no way attempting to destroy the credibility of that agency. I read a post on RippOffReport and suggest that you read it before you begin adding anybody’s branding to your website.

Now what I want you to bear in mind is that these same shoppers that are online and buy quite frequently are checking sites like RippOffReport and EyeOnCredit before they purchase. What I suggest is that any branding that you place on your site should be limited to the realm of safety and security of the online experience in terms of certs and privacy protection, anything else will be at your own discretion.

[edited by: lorax at 2:23 pm (utc) on Nov. 22, 2005]
[edit reason] Removed URLs [/edit]

I think it might be worthy for time being, but seems expensive,I hope PayPal is coming up with good solution by using verisign's gateway soon.