One question we are asked time and time again is “What level of SSL security should I offer to my customers?” The answer is a nebulous “it depends”.

When it comes to SSL certificates, it’s very important to understand what customers are trying to accomplish before you can make a recommendation. Customers may be buying a certificate for a personal website or they may be buying a certificate for a multi-million dollar e-commerce website. We have put together this quick guide that will help you recommend the right product to your customers.

Level 1: domain validation or DV certificates

This is the lowest level of authentication used to issue SSL certificates. The Certificate Authority (CA) will issue this certificate to anyone listed as the domain admin contact in the public record associated with a domain name. As a result, DV certificates are issued very quickly. No company information is checked or displayed on the certificate.

When to use DV certificates:

Situations where trust and credibility are less important such as personal websites and small forums that need basic encryption for things like logins, forms or other non-transactional data.

– Easy to obtain
– Fast issuance

Things to keep in mind:

– Use only for web-based applications that are not at risk for phishing or fraud.
– Avoid using for websites that handle sensitive data.

Level 2: organization validation or OV certificates

OV is the more secure step up from DV. As well as checking up on ownership of the domain name, the Certificate Authority will also carry out additional vetting of the organization and individual applying for the certificate. This might include checking the address where the company is registered and the name of a specific contact. This vetted company information is displayed to visitors on the certificate, making ownership of the site much more visible.

When to use OV certificates:

Public-facing websites dealing with less sensitive transactional data.

– More thorough vetting process than DV.
– Company information is displayed to users.
– Provides a certain level of trust about the company who owns the website.

Things to keep in mind:

OV Certificates do not offer the highest visible display of trust like EV SSL (green browser bar).

Level 3: extended validation or EV certificates

This is the gold standard in SSL certificates. EV verification guidelines, drawn up by the Certificate Authority/ Browser Forum, require the Certificate Authority to run a much more rigorous identity check on the organization or individual applying for the certificate. Sites with an EV SSL certificate have a green browser address bar and a field appears with the name of the legitimate website owner and the name of the Certificate Authority that issued the certificate.

When to use EV:

E-commerce sites and websites handling credit card and other sensitive data.

– EV Certificates come with the green browser address bar.
– Increase user trust and lower bounce rates and shopping cart abandonment.

Things to keep in mind:

Although EV Certificates have a higher cost, it’s possible to recoup the extra cost of an EV certificate in the form of increased revenue.
You can also strengthen your credibility and brand by showcasing your commitment to online security.

Offering SSL Certificates is a very powerful way to add margin to your business. When marketed correctly to end users, adoption rate can be quite high and margins are generally very healthy. Besides, if more users adopt SSL, it means that the Internet will be a better and safer place.

Download the reference guide >

View our SSL offering >