Checking the authenticity of a digital certificate via your browser

  • No error message is shown when the browser establishes an SSL connection.
  • The address bar starts with https//:
  • A lock is either shown at the end of the address bar (Internet Explorer) or in the footer (Firefox). (There is no longer a lock symbol from Firefox 4 onwards!)
  • Depending on the type of certificate used, the address bar is shown either on a green or white background (green for Extended Validation Certificates) with Internet Explorer. With address bars shown on a green background, the name of the financial institution is shown to the right of the lock, alternating with the name of the certification agency.
  • Firefox shows the name of the financial institution on a green background to the left of the address bar with Extended Validation Certificates. With standard certificates, the domain
    part of the address.
  • The domain part of the address of the financial institution contacted is correct.

Example: Internet Explorer 9

  1. Click twice on the padlock icon on the address bar.
  2. Click on View Certificate
  3. On the General Tab, look for these details
    Issued to: ebanking-hksg.ubs.com
    Issued by : VeriSign Class 3 Extended Validation SSL SGC CA
    Valid from 08/11/2013 to 10/11/2015
Checking the authenticity of a digital certificate via your browser

Checking the authenticity of a digital certificate by comparing fingerprints

Checking the authenticity of a digital certificate by comparing fingerprints
  1. Click twice on the padlock icon on the address bar.
  2. Click on View Certificate
  3. Select Details tab.
  4. Scroll down to the end of the window.
  5. Click on the Thumbprint bar.
  6. The fingerprint is checked via a comparison of the character string shown to a reference string which you will have received from your financial institution. If the character string identified from the certificate is identical to the reference string received from your financial institution, the certificate is authentic. When comparing, please take into account the fingerprint type: The sequence shown and the reference string sequence must be of the same type (SHA1).

The fingerprint shown by your browser has to be compared to the one published by the financial institution. If both fingerprints are identical, the certificate used is authentic.

UBS Fingerprint for UBS e-Banking

SHA1 Fingerprint: ‎72 c8 32 4d 76 c3 65 26 14 6c f6 56 1d dc 6d b2 00 26 48 7c
Valid: until October 11, 2015