Google and Mozilla to remove Extended Validation signals from desktop browsers

Google and Mozilla to remove Extended Validation signals from desktop browsers

Posted 24th October, 2019 by Nadejda

Google and Mozilla have decided to remove all visual signals from their Chrome and Firefox browsers indicating that users have landed on a legitimate site.

The Extended Validation (EV) certificates can only be issued by selected group of certificate authorities. In order to acquire one, a company must undergo a difficult process which validates the legal identity as the owner of the website. They are also a lot more expensive.

The idea behind the EV certificates was to provide users with more confidence when visiting a website. Browsers used to reward such sites with visible visual cues, one of which was the verified legal identity in front of the domain name. Often the identity was colored in green.

According to Google and Mozilla however, the EV certificates are no longer useful enough to be called out in the browser bars.

In their official statement Google shared that the certificates do not help users make secure choices and in addition the legal entity’s name at the front takes up valuable browser space.

In a similar tone Mozilla stated that the effectiveness of these certificates was questioned numerous times so far, as users notice there is no positive security indicators.

Google has of Sept 10th removed the EV security indicator from the address bar and has placed it in the Page Info pop-up. You can access this by clicking on the padlock icon.

Firefox followed suit on Oct. 22th with version 70. Other browsers such as Safari, have already ditched the EV signs.

Categories: Website Security, Website Maintenance