Bank of America and SSL certs

[quetzlcoatl]

Hi everyone!

A client of mine would like to process online cc payments with Bank of America's "virtual net ip" plan. I spoke with a phone rep yesterday, and he said our SSL cert would need to be "vital compliant". I have never heard this before, and I have set up sites with Authorize.net AIM and Linkpoint API as payment processors.

Well today I contacted the 3 cert providers we are considering; Thawte, Verisign, and InstantSSL. None of the three could give a definitive answer, when I asked about vital compliancy.

So I am wondering... is anyone here experienced with Bank of America and their virtual net ip plan? If so, what SSL cert company do you use?

Thanks in advance for ANY help! :)

[Corey Bryant]

I searched a number of search engines for vital compliant SSL & variations, but nothing came up. Did you also check out Geotrust? I would ask the B of A rep which one they recommended @ least a list of vital compliant SSL cert.

[Shift4SMS]

My guess is that the BofA person you spoke to does not know what he/she is talking about and is only throwing out buz words. The term that he/she probably meant was "VISA CISP compliant" which means it must be at least 128 bit encryption strength SSL -- older and cheaper 56 bit SSL's are not CISP compliant.

All the companies mentioned have 128 bit SSL certs - I have a preference for GeoTrust just because of good price and not any bad experiences with them.