Google and Mozilla to remove Extended Validation signals from desktop browsers


· 24th October 2019·Website Security, Website Maintenance

Google and Mozilla to remove Extended Validation signals from desktop browsers

Google and Mozillahave decided to remove all visual signals from their Chrome andFirefox browsers indicating that users have landed on a legitimatesite.

The ExtendedValidation (EV) certificates can only be issued by selected group ofcertificate authorities. In order to acquire one, a company mustundergo a difficult process which validates the legal identity as theowner of the website. They are also a lot more expensive.

The idea behind theEV certificates was to provide users with more confidence whenvisiting a website. Browsers used to reward such sites with visiblevisual cues, one of which was the verified legal identity in front ofthe domain name. Often the identity was colored in green.

According to Googleand Mozilla however, the EV certificates are no longer useful enoughto be called out in the browser bars.

In their officialstatement Google shared that the certificates do not help users makesecure choices and in addition the legal entity’s name at the fronttakes up valuable browser space.

In a similar toneMozilla stated that the effectiveness of these certificates wasquestioned numerous times so far, as users notice there is nopositive security indicators.

Google has of Sept10th removed the EV security indicator from the addressbar and has placed it in the Page Info pop-up. You can access this byclicking on the padlock icon.

Firefox followedsuit on Oct. 22th with version 70. Other browsers such as Safari,have already ditched the EV signs.

Nadejda Milanova