Free SSL

Free SSL Certificates Causing Security Concerns

August 3, 2017 | By John Britas

SSL Certificates are supposed to offer web sites and online users security as they communicate with each other over the internet. And these SSL Certificates indeed do a good job securing the online world from various kinds of malware threats. But with the advent of free SSL Certificates, things have changed drastically. And although the goal of the Certificate Authorities (CA(s)) issuing these free SSL certificates is a noble one – free SSL encryption for all – the system they seem to employ and the removal of the price tag over these precious digital security certificates is raising various online security concerns.

Free SSL Certificates Causing Security Concerns

Phishing Sites Obtaining Legitimate SSL Certificates

With the rise of free or cheap SSL Certificates, hackers have found a new way to lure visitors to their phishing sites. They are making use of the “superficial checks” carried out by the Certificate Authorities (one cannot really blame them for doing so since they are flooded with SSL Certificates requests every day, but this is no excuse for lowering the bar for security checks) issuing these free security certificates and obtaining legitimate SSL Certificates for their websites. Though phishing websites usually have short lifetimes, this short period for which they gain legitimate SSL Certificates is often enough to accomplish their goals.

Pricing SSL Certificates Not Such a Bad Idea

Usually, free products have shortcomings. And those with the price tag offer quality. The same principle applies for SSL Certificates as well. Now the question is: Would you prefer shortcomings over quality when it comes to your SSL Certificates? Viewing things in this context, one realizes that placing a price tag on SSL Certificates is not such a bad idea. Because the chances of hackers going through the trouble “buying these security certificates to carry out hacking” are very, very less, as they know for sure that their certificate will be a short-lived one.

Free SSL only a Bare-Bones Solution

Apart from flimsy background checks, Certificate Authorities offering free certificates usually provide only the “bare minimum” SSL protection which is not always sufficient to protect websites from various forms of malware threats. Technically speaking, these authorities usually offer only Domain Validation (DV) certificates. And all that is required to get this certificate is to prove to Certificate Authorities that you are the owner of a domain. Something almost anyone – even a hacker with malicious intentions – can easily do.

The Solution?

The increasing number of phishing websites which use legitimate SSL Certificates to lure online users serve as a strong indication that free SSL Certificates are not serving their purpose and therefore should be avoided at all costs. At least until quality SSL provided – only after carrying out stringent checks – is offered for free. Till then, enterprises should stick to reputed Certificate Authorities like Comodo, for purchasing their SSL Certificates. Because only such high-quality digital certificates can offer genuine online security to your website and its users by safeguarding them against security issues like identity theft and data leakage.

Get Free SSL Certificate

Posted in Free SSL,SSL Certificate

Be Sociable, Share!

Leave a Comment


 


* fields are mandatory