Users of Microsoft Corp.'s latest Web browser can start looking for the address bar to turn green while shopping or banking.
(MSNBC is a joint Microsoft - NBC Universal venture.)
The security feature in Internet Explorer 7 is activated when sites have what's known as an extended-validation certificate. That's given out to merchants that have undergone and passed screening that is more rigorous than what is normally required to obtain regular certificates, which trigger a closed padlock on the browser familiar to many online shoppers.
But lack of a green bar shouldn't be interpreted as a sign a merchant is fraudulent.
Many smaller and newer businesses will not be able to get the EV certificates because rules for verifying them have yet to be written.
And the green bar only appears when there's a transaction or login — such as entering a credit card number or password. The address bar might remain white while visiting the home page of a merchant with EV certification.
The appearance of the green bar should tell visitors that the merchant does exist and operates at the location it says it does, though it doesn't validate its quality of service.
Browser makers and certificate issuers have been working on the EV system for nearly two years partly to address the rise of "phishing" scams in which Web sites try to mimic legitimate businesses to steal passwords and other sensitive data.
Although certificate issuers used to always check to make sure sites were really what they said they were, newer competitors have tried to cut costs by checking only that the site owns the domain name. Scam artists — needing only a credit card and a domain name — have thus been able to obtain the certificates necessary to appear legitimate.
The green bar feature is currently available on Microsoft's IE7, which comes with Windows Vista computers and is available as an upgrade for some older systems. Other browsers such as Mozilla's Firefox and Opera Software ASA's Opera also are working on similar features.
The tool for IE7 complements a newly launched filter that displays a red warning for known phishing sites and yellow for suspicious ones. In some cases, that filter must be turned on for the feature to start working properly.
Sites initially using EV certificates include eBay Inc., Overstock.com Inc. and Charles Schwab & Co.