COMDEX: VeriSign lands two more trusted commerce companies

Digital security company VeriSign Monday announced that it has signed up managed Web hosting companies Affinity Internet and Interland to its Trusted Commerce initiative, extending VeriSign’s Shared Hosting Security Services and Payment Services to small businesses using either of those two providers to host commercial Web sites.

Interland will be offering VeriSign services as part of its blueHalo shared hosting platform, according to a statement released by VeriSign.

It is not clear how Affinity will be packaging the new services, though they may also be rolled into that company’s standard e-commerce package, according to Ben Golub, senior vice president of VeriSign’s Web trust and payments group.

The Trusted Commerce initiative is VeriSign’s effort to extend the use of its encryption and payment security technology to the more than two million small and midsize businesses that are offering Internet-based transactions but are not direct certificate owners. Currently VeriSign’s certificates have been issued to about 400,000 sites worldwide, according to Golub.

As part of the program, VeriSign works through Web hosting companies and ISPs to authenticate small companies that are doing business online, just as larger and more established vendors are vetted by VeriSign before being issued a digital certificate.

Previously, VeriSign only authenticated companies that owned its certificates, for example the managed Web hosting company or ISP. Digital certificates were then issued to those companies.

Small businesses that were customers of the Web hosting company or ISP shared the company’s VeriSign certificate to secure transactions made through their own hosted site, but VeriSign did not authenticate those businesses individually, issue certificates to those companies, or allow them to display the VeriSign Secure Site Seal on their Web page.

“It was encryption without authentication,” Golub said. “All the consumer knew was that the ISP was legitimate.”

In other words, while sensitive information was secured by VeriSign’s technology during the transaction, there was no way to determine whether the business that the customer was patronizing was legitimate.

“It’s like putting your money in an armored car, but having no idea where the car is going,” Golub said.

As part of the new Trusted Commerce initiative, small merchants will still use the digital certificate belonging to their hosting company, but VeriSign will check to make sure that each company using that certificate is a valid commercial entity.

Among other things, VeriSign will check to make sure online merchants are registered with the secretary of state where they are headquartered, that they have applied for and received a valid business license in that state, and that the physical location of the company and personal identities of principals in the company can be confirmed, according to Golub.

“It’s a case of not just saying ‘Yes, Interland and Affinity are real ISPs,’ but also ‘Joe’s Bait and Tackle is a real company,'” Golub said.

Golub said that both merchants and consumers will benefit under the new system, even though the cost of the new service is likely to be handed down from ISPs to their customers, resulting in higher costs for Web hosting.

In return for being certified by VeriSign, Golub said, merchants will be able to display a silver VeriSign Secure Site Seal on their site. Clicking on the seal will display identifying information for the particular merchant. That seal can translate directly into higher sales, with customers less inclined to bail out on partially completed purchases because they feel uncomfortable sending credit card or personal information over the Internet, according to Golub.

Certificate owners display a gold VeriSign Secure Site Seal on their site, Golub said.

Consumers will benefit from the extension of authentication technology once reserved for large online retailers to smaller Internet-based businesses that couldn’t afford to buy their own digital certificate, Golub said.

And, should a transaction go awry or be handled improperly, the VeriSign seal provides consumers with information that can be used to pursue recourse with the owners of the site, Golub said.

Behind the scenes, the new program relies on changes to VeriSign’s certificate infrastructure.

Information on each merchant that is gathered during the authentication process is stored in a database owned by VeriSign, Golub said. Each merchant’s information is linked in that database to information on the particular hosting company, server, and digital certificate belonging to that server, according to Golub.

For VeriSign, the new partnerships with Affinity and Interland represent important new sources of revenue. More important, though, the Trusted Commerce initiative is a way to VeriSign’s authentication technology a de facto standard on the Internet.

VeriSign’s technology already secures approximately 90% of secure Internet sites and 25% of all e-commerce transactions, according to Golub.

The new partnerships with prominent Web site hosting companies will enable VeriSign to push its technology out to the vast swath of small online retailers whose sites already generate a significant percentage of all online revenue and who will likely account for much of the future growth in e-commerce.