# General Business Category > Scam Alert Forum >  DigiNotar certificates

## AndyD

HTTPS is the secure protocol that banking and many other transactions are made across. Recently it's not been so secure after DigiNotar which is a Dutch company that issues certificates for secure keys was hacked and the root certificate compromised.

In laymans terms HTTPS is designed to provide a secure and encrypted connection between you and your internet banking server for example. You have a key for the secure server which allows you access and the certificate is the way of checking your key is genuine and untampered with. This ensures that your communications with the server cannot be intercepted by a 'man in the middle'. The hacking of Diginotar has allowed 'man in the middle' attacks of secure connections of Google, Wordpress, Mozilla and The TOR Project amongst others.

The bad news is your browser hangs on to these root certificates for dear life so if your certificate has been compromised you may need to dig it out manually using a tool supplied by your browser developers. Most browsers will address the issue with their next major update.

It looks like this attack is a progression of the Commodohack attacker who also claims to have compromised Globalsign a while ago and the motivation is political and not financial at the moment. That said it's only a short step to other systems including government communications, banking, online shopping etc being insecure. 

This kind of action could also have further reaching consequences than the fall in VASCO stock price that followed these incidents if consumer trust in internet commerce sites takes a knock.

----------

Dave A (08-Sep-11)

----------


## Dave A

I would hope when it comes to the banks, they'd take quick action to correct the problem if their secure services become compromised. 

Many years ago one of the gateway payment operations I had used got hacked. The first I knew about it was when I got a call from Standard Bank card division telling me about it. Just to make sure, they had stopped my current credit card, and a new one would be at the bank within a couple of days.

"We apologise for the inconvenience", they said.
"No probelm. Thank you for being on top of it" was my reply.

So surely the banks would change their certificates in this situation.
Perhaps even the certificate provider...

 :Hmmm:

----------

