Certificate Protection Against Man-in-the-Middle Attacks
The world’s in love with browsing the web and Internet shopping—and apparently becoming enamored with online banking and other online financial transactions as well.
To help make such transactions secure, responsible financial website owners encrypt all user connections to their websites by deploying valid certificates signed by known certificate authorities, such as VeriSign or GeoTrust.
Valid certificates not only encrypt your transactions, they let you know the website is really owned by the entity it purports to be, since the certificate authority has validated the host’s credentials, giving their “stamp” of approval in the certificate, usually for a fixed timeframe of about two years.
When you see an https prefix in the URL field of your browser, along with a lock icon, often with the link also colored green, you can generally have faith that the site provides proper security and encryption, enforced by the certificate.
When a trusted browser such as Internet Explorer, Firefox, Chrome, or Safari begins such a session, it does a “handshake” with the website, to find out if its certificate for the site is valid by checking it against a known good certificate list.
If the certificate is valid, the transaction is encrypted and you can safely proceed. If it isn’t, you’re usually warned by the browser that it’s dangerous to continue on the website.
What happens, however, when a cybercriminal inserts himself in the middle—for example, over an unsecured Wi-Fi hotspot—then “spoofs” a trusted certificate, injecting it into your browser’s certificate list? Your browser—and you—are tricked into thinking you’ve got a secure, encrypted connection to the website, when you don’t.
Since the transaction is not really encrypted, and the cybercriminal is sandwiched between you and the website, you unwittingly give up your private information to them, including identity data and credit card numbers. The trust between you and the original website owner is profoundly violated—and you’ve just become a victim of a man-in-the-middle attack.
Trend Micro™ Security 10 is designed to help protect you against man-in-the-middle attacks. Whenever you access a protected online account or conduct transactions online, Trend Micro Security 10 double-checks if the certificate on the certificate list of your browser is truly valid, one issued by a trusted certificate authority—not a phony certificate that just pretends to be real, issued by the cybercriminal.
If the certificate is validated by Trend Micro Security and the Smart Protect Network™, you can safely proceed to the website and conduct your transactions. If the certificate is flagged as phony, you’re blocked from continuing and presented with a warning: “Dangerous Webpage!”
In short, Trend Micro Security 10’s certificate checking feature helps ensure that the trust you require for all your private online transactions cannot be violated—that all transactions between you and a trusted business or organization are encrypted and secure.
Install Trend Micro Security 10 today—so you can do great things online safely.
For more information, please visit Trend Micro.