Which SSL Validation Level is Right for Me?
We know it can get a little murky when trying to figure out what SSL certificate validation level is right for you. What’s the differences? What validation level fits my company best? All good questions. And all questions we will answer. In this article we’ll dig into each validation level, what they mean, how they differ and ultimately, which one is right for you.
Domain Validation (DV)
Naturally, we start with simplest SSL validation level. As the name would suggest, a domain validation (DV) SSL certificate means that you only need to get your domain ownership/control validated. This leads to some excellent perks, including:
- It’s the most affordable option
- It has the fastest issuance time (sometimes instantly)
Unfortunately, that is where the advantages end. While a DV SSL certificate does in fact secure your website with the same level of encryption as the other two validation levels, it does not provide the same visual confirmation to the user that you are a secure site. This is due to the quick validation process. If a certificate authority (CA) can only confirm your domain name, then it would be difficult for them to relay any other information to the end users.
This results in only your domain name being displayed in your certificate details. This could result in a lack of trust from end-users. Another reason why a user may not trust a website with a DV SSL certificate is due to the fact that DV SSL certificates are what cybercriminals use on websites with malicious intent. This is because a DV SSL certificate is easier to obtain. A few other possible downfalls to buying a DV SSL certificate include:
- Smaller SSL warranties
- Less impressive site seals
How Do Users Look at Your SSL Certificate Details?
User can confirm your certificate details by clicking on the HTTPS padlock besides your URL.
And then by clicking on “certificate” and then “details.”
Who Should Buy a DV SSL Certificate?
DV SSL certificates are best for:
- Internal/non-public-facing sites
- Web-based applications (no risk of fraud)
- Sites where credibility matters less than data security (such as a basic blog site)
If you fit into one of the above categories, then a DV SSL certificate is a nice affordable option that includes a quick and easy validation process.
Organization Validation (OV)
The organization validation (OV) SSL certificate typically cost more than a DV SSL certificate and requires a bit more of a lengthier validation process but carries perks of its own as well. Just as the DV SSL certificate shows less visual confirmation that a site is secure due to its simpler validation process, an OV SSL certificate shows more.
By allowing users to validate your company’s identity directly in the SSL certificate details, they will feel more confident that they are on a legitimate website. The validation process typically takes 1-3 days. And as for what this lengthier validation process includes – in addition to authenticating your domain control, you will need to go through these steps:
- Organization authentication
- Locality presence verification
- Telephone verification
- Final verification call
In addition to building more trust with end-users, OV SSL certificate’s typically come with better warranties as well.
Who Should Buy an OV SSL Certificate?
- Public-facing sites limited to less-sensitive transactions
- Searchable information sites
- Government and educational sites
Ultimately, if you fall into one of the above categories, an OV SSL certificate is an excellent middle-of-the-road option that will satisfy your need for visually trusting HTTPS encryption security.
Extended Validation (EV)
The EV SSL certificate is the highest level of validation you can receive for an SSL certificate. It also consists of the lengthiest validation process (usually 1-5 days) and is the most expensive option. However, it does come with the most perks.
- An EV SSL certificate provides the most visual evidence to end-users that they are on a secure site via very transparent company information in your certificate details.
- You will also get the highest SSL warranty.
- EV SSL certificates will sometimes include additional web security tools, such as a malware or vulnerability scanner.
Example of an EV SSL Certificate’s Visual Trust Indicators in one-click on the browser
By displaying you are a verified company, it becomes very apparent the site is NOT run by a cybercriminal. Research even shows that EV SSL certificates “are 99.99% likely to be unassociated with bad cyber actors.“ With EV SSL, users can check your company name and location to ensure they’re buying from who they think they are.
As far as the validation process, you will go through the same steps as the OV SSL certificate + the steps listed below:
- Enrollment Form – Pretty straightforward, basic paperwork
- Operational Existence – Verifying your operation via your local online government database
- Physical Address – Once again verified via your local online government database
Who Should Buy an EV SSL Certificate?
- Sites that require login, accept payments or handle private information
- Sites that handle other sensitive data such as eCommerce, banking, and healthcare sites
- Sites that want to reassure their visitors with a visual indicator in the address bar
The EV SSL certificate is a must-have for the types of websites listed above. This is the way to build the utmost amount of trust with users – making them feel comfortable and confident to share their sensitive data with your organization.
No matter which SSL certificate validation level you settle on, you are guaranteed to create a more secure and trustworthy environment for your end-users. It really comes to down what type of website you are running, which in turn will determine what level of visual trust indicators you need to display. Also, what type of additional perks (warranty, site seals, web security tools, etc.) you value. No matter the choice, by securing your website with HTTPS – you are doing the right thing.