Use Fingerprints to determine the authenticity of an Internet website
It may sometimes be useful for security purposes to make sure that you are connected to the right website, and not a spoofed copy of it. While this may be less of an issue at home, you may run into all sorts of troubles when you are using public Internet connections.
It is rather difficult on first sight to make sure that you are really connected to the right secure website and not a copy that traffic gets redirected to. This can for instance be done by spoofing a site's certificate
One of the options that you have in regards to https connections is to use fingerprints for verification, as fingerprints cannot be spoofed. So to make sure you are on the right site, you compare the fingerprint of its certificate in your browser against a trusted source that provides you with fingerprint records of its own.
Looking up fingerprint certificates
Each web browser handles this in a different way:
- Click on the lock icon in the browser's address bar and select more information from the menu.
- Select View Certificate on the new window that opens up.
- Locate the fingerprint section on that page.
- Click on the lock icon in the browser's address bar.
- Switch to connection and on that page on certificate information.
- Switch to details on the new window and locate Thumbprint at the bottom of the listing.
- Click on the secure lock icon in the address bar and select details from the menu that opens up.
- Click on the certificate link that is displayed.
- Switch to the details tab and check the Thumbprint field value here.
- Right-click on the page and select Properties from the context menu.
- Select Certificates on the properties page.
- Switch to the details tab, make sure that show is set to all, and scroll down until you find the thumbprint field.
Verifying the fingerprint of a website
Now that you know how to look up the fingerprint of a website's or server's certificate, it is time to compare the fingerprint using a second source.
The GRC website can be used for that purpose. Just visit the fingerprint page on it and either look at one of the popular fingerprints at the top, or enter the website you want to retrieve the certificate fingerprint for below in the form.
All you have to do is compare the fingerprint displayed in the web browser to the certificate pulled by the script on the GRC website.
As a side note: Make sure the GRC website shows a green listing and lock icon in Firefox, Chrome or Opera, as this is an indicator of an authentic Extended Validation Certificate.
Once you have have compared the fingerprint that is displayed in your web browser of choice to the fingerprint that the GRC website provides you with, you know that the connection is either valid or spoofed.
Exception: Companies may use multiple certificates which all come with their unique fingerprint. Depending on which server you are connected to, it may mean that the certificate differs even if you are connected to the real website or server.
The technique is ideal to make sure you are connected to the right secure website. While it may not provide you with a definitive answer that a certificate is spoofed if fingerprints do not match, it still may make you more cautious because of it.Advertisement