Browsers exported from the USA are crippled by 40 bit encryption because USA export regulations prevent export of 128 bit encryption. 40 bit encryption is easily broken with enough time and computing power.
VeriSure extends those browsers to 128 bits to provide highly secure encryption (currently unbreakable), regardless of whether they are in the USA.
This means you can offer your customers secure online transaction facilities such as governmental services, banking, investment and other financial services.
Client authentication is performed through Client Certificates which can be stored on the local machine's hard drive or can be retrieved from a card reading device (such as a SmartCard) for walk-by kiosks.
Where a browser has been enabled by multiple VeriSure licensees, only one copy of VeriSure is loaded, each licensee distributes its own certificates independently.
Client Authentication is performed through verifying Client Certificates and relaying them to the 40 bit server.
VeriSure does not use SSL 2.0 which has several well known flaws, especially regarding message digests.
The message digest authenticates the message against tampering or forgery which is especially important for financial transactions. Let's say a third party intercepts a message across the network and decrypts it. The value to that third party is limited to the content of the information of that single message, because that third party cannot create new messages for two reasons: the encryption key changes with every message and every message is authenticated with a message digest which cannot be reverse computed.
VeriSure loads certificates in x509 version 3 format and private keys in PKCS#8 format. If the certificates are stored locally on the hard drive, they should be placed in the "VeriSure" sub-directory of the Java home directory.
VeriSure also performs SSL 3.0 authentication of the remote server upon every connection, thereby assuring customers of the true identity of the server they are connecting to.
The VeriSure classes are available for licensing for third party application development.