Verify if a Website is Who it Claims to Be (EV Certs)
This article applies to: Security & Policy
Verify that a web site you are visiting is who it claims to be. If you see green in the address bar in your browser, the web site has an Extended Validation (EV) Cert and it’s encrypted.
Cornell’s CUWebLogin page has an EV cert. To see an example visit any campus service that uses CUWebLogin for authentication, such as the Employee Essentials page. Click the certificate name “Cornell University (US)” to see additional info about the certificate.
Cornell’s EV Certificate in Firefox
Cornell’s EV Certificate in Internet Explorer
Green EV Certs are more reliable, because a certificate authority has to verify a web site’s identity, before an EV Cert will be issued.
What else can the address bar tell you?
- Yellow or red (sometimes accompanied by warning popup windows) – be cautious. The cert may be expired, or the web site may have been flagged as a risk.
- A lack of color – the site is not encrypted. Do not type your credit card numbers or other confidential information that could put you at risk of identity theft on unencrypted sites.
- A blue cert, a padlock, and https – traffic to and from the site is encrypted and the site has a Secure Socket Layer (SSL) Certificate. An SSL cert guarantees encryption, but does not verify site ownership. Anyone (including fraudsters) can have an SSL cert on their site.