Whether you need encryption because you are collecting personal information or build trust or confidence to your customers that you are in fact a legimate buisness and have taken the time to go through the steps to be verified, the number of businesses that use SSL have increased tremendously over the past few years.

As the reasons companies use for SSL have become wider, three different types of SSL Certificates have been established. The difference between these 3 types of SSLs certificated that are issued be Certificate Authorities (CA), really comes down to the amount of work that is put in to verifying your business.

• A Domain Validated SSL will mean that the CA will only verify the domain name, and not verify anything additional.

Domain Validation (DV) SSL Certificates are issued when the CA checks to make sure that the applicant actually has the right to the specific domain name.  No company identity information is vetted and no information is displayed other than encryption information within the Secure Site Seal. DV certs can be issued immediately.

• An Organization or Business Validated means the CA will verify your business, and you will need to provide acceptable business documents for them to verify this. Your company information will be shown on the certificate itself.

Organization Validation (OV) SSL Certificates are issued only when a Certification Authority (CA) checks to make sure that the applicant actually has the right to the specific domain name plus the CA does some vetting (investigation) of the said organization.  This additional vetted company info is displayed to customers when the Secure Site Seal is clicked on, this gives enhanced visibility to who is behind the site which in turn gives enhanced trust in the site. Takes about 2 days to issue.

• An Extended Validation means the CA will verify your business ownership. You will need to provide acceptable business documents or both your company and ownership details. These details will be displayed on the certificate, and will then show that little green bar in the browser bar, like the one that shows for us. We strongly recommend that if you haven't already, to get a DUNS (Dun & Bradstreet) number which can take approximately 10 business days to get a DUNS number issued.

Extended Validation (EV) SSL Certificates are issued only when a Certification Authority (CA) checks to make sure that the applicant actually has the right to the specific domain name plus the CA conducts a very thorough vetting (investigation) of the organization. The issuance process of EV Certificates is standardized and is strictly outlined in the EV Guidelines, which was created at the CA/Browser Forum in 2007, specifies the required steps that a CA must do before issuing an EV certificate:

1.    Must verify the legal, physical & operational existence of the entity
2.    Must verify that the identity of the entity matches official records
3.    Must verify that the entity has the exclusive right to use the domain specified in the EV Certificate
4.    Must verify that the entity has properly authorized the issuance of the EV Certificate

EV Certificates are used for all types of businesses, including government entities and both incorporated & unincorporated businesses. Takes about 10 days to issue.

A second set of guidelines are for the actual CA and it establishes the criteria to which a CA needs to be audited before being allowed to issue an EV Certificate. It is called, the EV Audit Guidelines, and they are always done every year to ensure the integrity of the issuance process.
Was this answer helpful? 162 Users Found This Useful (416 Votes)