The London Protocol
- Date:August 22, 2018
- Author(s):
- Sean Sposito
- Al Pascual
- Report Details: 4 pages, 0 graphics
- Research Topic(s):
- Cybersecurity
- Fraud & Security
- PAID CONTENT
- Download summary
Overview
Amidst an increasing number of phishing reports involving digital certificates, several Certificate Authorities (CAs) have banded together. For the first time, these arbiters of digital trust are cooperating in an effort to proactively ensure the certificates they’re providing (OV and EV Certificates, see below) to financial institutions and others are worthy of the trust that consumers place in them.
In late June — less than a month before Google released the 64th version of its Chrome browser, which began labeling unencrypted websites as unsafe — Comodo CA, Entrust Datacard, GlobalSign, GoDaddy, and Trustwave came to a broad agreement. Dubbed the London Protocol, the pact was announced by the CA Security Council during a CA/Browser Forum event in its namesake. It boils down to an initial promise to share URLs amongst themselves that have been flagged as potentially malicious through an agreed upon protocol.
Interested In This Report
Related content
Data Loss Prevention Against Ransomware
This report explores the challenges financial services providers face, not only when it comes to being attacked themselves, but in the counsel and education they offer to business ...
DDoS Attacks Pose New Risk for Banks: Tiny Botnet Wages Largest HTTPS Attack on Record
The news earlier this month that the largest HTTPS distributed denial-of-service (DDoS) attack on record was intercepted and mitigated should get the attention of financial institu...
Shields Up: How Financial Institutions Should Brace for Targeted Cyberattacks
The U.S. government is warning U.S. firms to prepare for possible Russian cyberattacks due to the West's economic sanctions on Russia and support of Ukraine. This note explores the...
Make informed decisions in a digital financial world