E-Commerce

Third party is called Certification Authority (CA) who is responsible for vouchsafing the identity of users and issuing them with certificates that bind the public key to their identities. They also will issue digital certificate to provide verification that your website does indeed represent your company and they must take steps to establish the identity of the people or organization to which they issue the ID. Authenticity is ensured when certificate is issued once establishes with its organization’s public keys and signs with Certification Authority’s private key.

Third-party certification is a process by which a product or service is reviewed by a reputable and unbiased and independent third party to verify that a set of criteria, claims or standards are being met. It is a kind of certification which gives confident to customers to surf the website due to the increased in phishing and spoofing attacks on the internet. This is because they are afraid of their personal information such as ID number, passwords, credit card numbers and etc will be sent to those companies which do not exist in this real world. Furthermore, they can provide e-mail protection and validation, secure online shopping carts and more services in order to avoid being spammed, hacked and attacked by the macilious software such as virus, trojan horse and worms. One of the third party certification is MCS Trustgate.com Sdn Bhd.

MCS Trustgate.com Sdn Bhd is a licensed CA in Malaysia which was established in 1999. They offer complete security solutions for individuals, organizations, government, and e-commerce service providers by digital certificates, encryption and decryption. For example, MCS Trustgate.com Sdn Bhd has provided security solutions and trusted services to help companies build a secure network and application infrastructure for their electronic transactions and communications over the network. Besides that, they are committed in delivering high quality services which has brought their recognitions with the enterprises, government, and many leading e-commerce sites, and service providers' digital certification services, including digital certificates, cryptographic products, and software development both locally and internationally which has achieve their objective. Their objective is to secure the open network communications from both locally and across the ASEAN region.

Furthermore, MCS Trustgate.com Sdn Bhd is a licensed under the Digital Signature Act 1997 (DSA) which is a Malaysia law that sets a global precedent for the mandate of a CA. And as a CA, MCS Trustgate.com Sdn Bhd core business is to provide digital certification services such as digital certificates, cryptographic products, and software development. Some of the their products and services are SSL Certificate, Managed PKI, Personal ID, MyTRUST, MyKAD ID, SSL VPN, Managed Security Services, VeriSign Certified Training and Application Development. Their vision is to enable organizations to conduct their business securely over the internet, as much as what they have been enjoying in the physical world.

MCS Trustgate.com Sdn Bhd provides Public Key Infrastructure (PKI) to assist all the companies in conducting their business over the Internet. PKI Technologies is designed to secure intranet, extranet, and Internet applications by combining maximum flexibility, performance, and scalability with high availability and security. The service allow enterprise to quickly and cost-effectively establish a robust PKI and Certification Authority (CA) system with complete control over security policies and enables faster deployment and lower operating costs while providing an open platform that integrates with off-the-shelf solutions. As a result, it allows enterprise to easily deploy a PKI while relieving itself from the high expense of designing, provisioning, staffing, and maintaining its own PKI backbone. It helps the organizations to enhance the security of the data and manage identification credentials from users and organization. It also helps to secure by based on the exchange of digital certificates between authenticated users and trusted resources. The E-Commerce users can design their own PKI to meet the preferable security and technical requirements of their organization such as confidentiality where PKI users will use it to encrypt data that is stored or transmitted.

MyKad is designed by government with PKI capability that allows its holder to conduct online transaction with government agencies and private sectors. And MCS Trustgate.com Sdn Bhd has provided MyKey which is the PKI solution that allowing you to authenticate yourself online and to digitally sign documents or transactions. Besides that, MCS Trustgate.com Sdn Bhd is the prime PKI developer and integrator for MyKad which has offered various MyKey (MyKad PKI) modules for developer who wishes to develop MyKad applications such as MyKey Application Programming Interface (API), Signing module, Verification module and MyKad Client Kit.

VeriSign SSL Certificates is the public encrypted key that Webmaster sends to CA which is a standard part of most web server and web browser packages when works in conjunction with the Secure Sockets Layer (SSL) technology. It is the leading Secure Sockets Layer (SSL) Certificate Authority under MCS Trustgate.com Sdn Bhd which enables the security of e-commerce, communications, and interactions for Web sites, intranets, and extranets. It means that VeriSign is used to enhance the server security for your website. It provides security solutions to protect an organization’s consumers, brand, Web site, and network and also gives confidence to customer in communication and online business transactions. This is because with the increased phishing and spoofing attacks on the Internet, customers want to make sure that they are dealing with trusted parties when they conduct business through online. They need to ensure that their information traveled over the Internet has reaches the intended recipients and is safe from intruders. For example, most of the banks in Malaysia will show their verified certificate on their online banking website to avoid phishing.

Besides that, VeriSign SSL Certificates helps a growing number of organizations and individuals to communicate and conduct commerce with confidence as it offers a wide spectrum of solutions for financial services, consumer product and retail companies, healthcare and life sciences, and the public sector.

Furthermore, VeriSign is the trusted provider of Internet infrastructure services for the networked world because the ability to know and trust the parties with which you do business and communicate has become critical in the networked world. It allows companies and consumers to engage in trusted communications and commerce. For more than 10 years, VeriSign Internet infrastructure has been at the very heart of the Internet, enabling key transactions and protecting valuable data. This is because VeriSign has facilitates as many as 50 billion authoritative Domain Name System (DNS) queries a day, and has been providing this service since 1998 with 100% availability. It also plans to increase capacity of the .com and .net DNS by 10 times by 2010 to provide the security and stability required for global Internet-based transactions. It has issued over 2 million VeriSign® Identity Protection (VIP) credentials to consumers for strong authentication on a network of leading Web sites so that consumers will feel confidence when the having transaction through internet.

There are two types of server certificates provided by MCS Trustgate.com Sdn Bhd which are Secure Server ID and Global Server ID. Secure Server ID is the 40-bit Server ID and it enables visitors to verify the site's authenticity and to communicate with it securely via state-of-the-art SSL encryption, which protects confidential information from interception and hacking. While Global Server ID is the 128-bit Global Server Certificate which ensures that the Web site visitors will receive powerful 128-bit SSL encryption. It means that Global Server ID is supported by many major platforms, while Secure Server ID is supported by a much longer and more comprehensive list of platforms. Both of it strengths have to depend on the length of the "session key" generated by every encrypted transaction. The longer the key, the more difficult it is to break the encryption code. Global server ID is the world's strongest as it would take a trillion-trillion years to crack using today's technology.

Moreover, Verisign will protects your Web site and makes it easy for your Web site visitors to trust you because it enables encryption of sensitive information during online transactions and each of it contains unique, authenticated information about the certificate owner. After that, Certificate Authority will verify the identity of the certificate owner when it is issued. Besides that, digital certificate is usually attached to an e-mail message or an embedded program in a web page which verifies that user or website is who they claim to be. The common functions of it are user authentication, encryption and digital signatures. User authentication will provides other security that using username and password. While encryption will make the data transmission secured by using the information encrypted. Therefore, recipient of the data is the only person to receive the message. Digital signatures are like the hand signature in the digital world which can ensure the integrity of the data. As a result, by using the digital certificate, the users will be able to make transaction through internet without fear of having the personal data being stolen, information contaminated by third parties, and the transacting party denying any commercial commitment with the users. Further, the digital certificates can assist the development of greater internet based activities. Therefore, applying the 3rd party certification is more secured for online shopping and customers can shop safely.