There are three types of SSL Certificate available today; Extended Validation (EV SSL), Organization Validated (OV SSL) and Domain Validated (DV SSL). The encryption levels are the same for each certificate, what differs is the vetting and verification processes needed to obtain the certificate and the look and feel of in the browser address bar.
Over the last few years the number of organizations using SSL Certificates has increased dramatically. The applications for which SSL is being used have also expanded. For example:
- you might need SSL for privacy in communication (to ensure you are not being snooped on),
- or you might wish to prove you can trust who you are talking to (identity in private communication).
With encryption, you are able to hide communications from a hacker but you cannot stop them from intercepting communications and posing as your website to steal information from your customers. As people move away from brick and mortar stores and increase their online shopping and banking habits, consumers have to be able to trust they are visiting the true website of the store they are shopping on. This is more difficult to prove online.
You can prove your identity by having an external third-party (like GlobalSign) vet your personal and company information. Based on this verification or vetting procedure, SSL Certificates can be broken down into three categories.
Extended Validation (EV SSL) Certificates
With an EV SSL, the Certificate Authority (CA) checks the right of the applicant to use a specific domain name plus, it conducts a thorough vetting of the organization. The issuance process of EV SSL Certificates is strictly defined in the EV Guidelines, as formally ratified by the CA/Browser forum in 2007. All the steps required for a CA before issuing a certificate are specified here including:
- verifying the legal, physical and operational existence of the entity,
- verifying that the identity of the entity matches official records,
- verifying that the entity has exclusive right to use the domain specified in the EV SSL Certificate,
- and verifying that the entity has properly authorized the issuance of the EV SSL Certificate.
The latest, and possibly most significant, advancement in SSL technology since its initial inception follows the standardized Extended Validation guidelines. New high security browsers such as Microsoft Internet Explorer 7+, Opera 9.5+, Firefox 3+, Google Chrome, Apple Safari 3.2+ and iPhone Safari 3.0+ identify Extended SSL Certificates and activate the browser interface security enhancements, such as the green bar or green font. For customers who wish to assert the highest levels of authenticity, this is the ideal solution.
EV SSL Certificates are available for all types of businesses, including government entities and both incorporated and unincorporated businesses. A second set of guidelines, the EV Audit Guidelines, specify the criteria under which a CA needs to be successfully audited before issuing EV SSL Certificates. The audits are repeated yearly to ensure the integrity of the issuance process.Example of EV SSL Certificate
Example of EV SSL Certificates
Organization Validated (OV SSL) Certificates
The CA checks the right of the applicant to use a specific domain name PLUS it conducts some vetting of the organization. Additional vetted company information is displayed to customers when clicking on the Secure Site Seal, giving enhanced visibility in who is behind the site and associated enhanced trust. Organization name also appears in the certificate under the ON field.
Example of OV SSL Certificates
Domain Validated (DV SSL) Certificates
The CA checks the right of the applicant to use a specific domain name. No company identity information is vetted and no information is displayed other than encryption information within the Secure Site Seal. While you can be sure that your information is encrypted, you cannot be sure who is truly at the receiving end of that information.
DVSSL Certificates are fully supported and share the same browser recognition with OV SSL, but come with the advantage of being issued almost immediately and without the need to submit company paperwork. This makes DV SSL ideal for businesses needing a low cost SSL quickly and without the effort of submitting company documents.
Example of DV SSL Certificate
Multi-Domain & Wildcard SSL
Fast & Economical
- Secure multiple domains and
- sub domains on the same server with a single SSL Certificate &
- single IP address with Wildcard and Subject Alternative Names (SANs).