Originally Posted by SenseiSteve
The biggest thing I see in all of this is perceived value to the client. I've never had anyone question whether a SSL is certified and signed. Once they see the lock icon, they generally don't care. Personally, I still recommend a payed certificate for eCommerce sites.
Yes consumers dont care as long as they see padlock and as its drummed in to only trust sites with a padlock then fraudsters are using the free SSL to deceive consumers into thinking they are purchasing from a genuine and trusted site