What is Low Assurance SSL?

Compare SSL certificates from all major certificate authorities
Use a Low Assurance SSL Certificate on your web site
with extreme caution!

Low Assurance certificates are used primarily by e-Businesses who unwittingly base their purchasing decisions purely on cost without being aware of the facts. The information presented here will help you avoid this sometimes very costly mistake.

Low Assurance SSL
  • Using Low Assurance certificate may drive away consumers who need to verify your identity.
  • Low Assurance certificates, sometimes referred to as 'domain only' certificates contain no verified data other than the domain name.
  • Low Assurance certificates have no value when used for encryption (White Paper available here)
  • There is no direct correlation between a Domain Name and it's owner, so consumers are unable to verify for themselves.
  • Leading cryptography and security experts agree that low assurance certificates do not provide encryption.

But are low assurance certificates actually worth it? Certification authorities issuing low assurance products are able to save time by not performing any human validation of information submitted during the application process. This therefore means that no credentials are available within the certificate for consumers and browsers to verify.

How much would you pay to have your site trusted by your customers? - Trust is one of the greatest assets that a salesman, in other words your web site, can utilise. In knowing this, how much would you pay to be trusted? $10,000, $5,000, $1,000? The difference in price between the lowest cost high assurance provider and the lowest cost low assurance provider. is just less than $30. That's only $0.08 per day! Can your e-Business afford that? For most e-Business providers even the loss of one single customer per year would wipe out the 'cost saving' achieved through the use of a low assurance certificate. Browsers now actively display

What do the leading experts say? - Dr Colin Walters - "What is the point of encryption if you don't know who you are encrypting for" (http://www.instantssl.com/pdf/encryption.pdf)

"Low Assurance SSL Certificates with no entity authentication DO NOT deliver confidentiality or integrity. Why is this? Because confidentiality and integrity are the result of being able to encrypt and encryption requires authentication…"

Show me why High Assurance SSL is what I should use on my site