The WebTrust(TM) program has been elaborated for certificate authorities in order to enhance customer confidence in using the internet, which is the vehicle of e-trading. The main target is to increase customer confidence in the course of the application of PKI (Public Key Infrastructure). The program was developed in Canada in cooperation with the United States and with the participation of international accounting and auditing firms. The program is supervised by the Association of Chartered Professional Accountants of Canada (CPA Canada).
In the framework of the program, those Webtrust(TM) licenced practitioners are allowed to perform audits who have valid contracts with the association. Exclusively such audit firms or professionals may become partners who operate in accordance with international standards. Only partners are entitled to perform specific assurance services in the framework of the program.
In the course of service provision, licenced practitioners evaluate and test the compliance of certificate authorities with principles and criteria defined in the program. In case of conformity, the certificate authority receives the Webtrust(TM) seal, which can be published on its website. By the presentation of the Webtrust(TM) seal the certificate authority declares that its activity is tested and evaluated on a regular basis by independent third parties, who disclose the result of their examinations in public audit reports.
Since the spring of 2016 Crowe FST Audit Kft. has been entitled to perform compliance audits as the partner of CPA Canada, which is unique in Hungary. In the course of the audit we first evaluate the operation of the certificate authority, risks and compliance, then we disclose the result of our examination in a public audit report, which includes our recommendations as well.
WebTrust(TM) is a fundamental element of confidence in certificate authorities for billions of internet users all round the world. We trust that by the utilisation of our services certificate authorities will be included in the trusted root CA store of several manufacturing and trading companies, and by this the security of internet and internet based services is developed further.