Buy from the highest-rated provider   Buy DigiCert Certificate x

Over 50% of browsers can now use EV SSL Certificates

VeriSign has posted about a statistic that means good news for EV certificates and consumers in general: Over 50% of browsers can now use EV SSL Certificates. VeriSign's Tim Callan references the recent browser share report from Hitslink. The report shows that the percentage of Web Browsers on the Internet that understand what an EV SSL Certificate is (including Internet Explorer 7 and 8, Firefox 3, and Opera 9.5) totals over 52%. He mentions how this has grown by 3% in just the past month.

But how many web sites use EV SSL Certificates? Callan reported ealier that there were about 6,000. Compared to the millions of sites on the Internet this seems small but Callan explains:

It's important to distinguish between the mass of Web sites out there that are strictly publishing content from the considerably smaller subset that actually engage in some sort of online business. EV SSL today very much is focused on those sites where consumers are asked to share sensitive information with a business, something like an account login or a credit card number or personally identifiable information. These are the pieces of information that criminals want to steal, and these are the sites that phishing and malware and other attacks are directed after. A consumer doesn't need protection from phishing attacks when visiting your personal blog or Star Wars fan site or even your company's brochureware site. It's only where the actual commerce takes place.

Therefore, you shouldn't consider the full footprint of Web sites in the world but rather this subset that is conducting business. I don't know exactly how to measure that number, but I expect it's orders of magnitude smaller than the number of total Web sites out there.

Now, there's an implication in this posting that maybe in the long run sites without commerce taking place will still want an EV cert in order to demonstrate their genuine identity. I think that is a possibility down the road, but today we're really focused on those sites where there is information to protect.

Over 50% of client systems are EV aware - [Tim Callan's SSL Blog]

Originally posted on Mon Aug 18, 2008