Does your website need DV, OV or EV certificates?
Not sure how to answer this question? If the alphabet soup of digital validation has you confused, you are not alone. Most of us recognize that Secure Socket Layer (SSL) is a form of encryption that is usually associated with e-commerce. But few non-tech professionals could say exactly what that is and what it does.
Don’t worry. We are here to cut through the confusion so that you can choose the right level of authentication for your type of website and traffic.
What exactly is Secure Socket Layer (SSL) Authentication?
It is no big secret that crimes like cryptojacking and online scams are part of life in the age of information. Website validation lends an air of trustworthiness to your web presence. When you type a domain into the URL bar, your web browser and the web host’s server exchange information that tells your browser whether the website is safe for you to visit.
Not every website exchanges sensitive financial or personal information with users. However, just having your domain validated is often enough to bolster your authenticity in a casual visitor’s eyes. If you are engaged in any sort of e-commerce, validation is also essential for providing an extra layer of protection to your overall cybersecurity plan.
Take a look at the URL bar of the website you are reading this article on right now. In front of the hypertext transfer protocol secure (https) prefix, you will see a little padlock icon. Clicking on this icon will tell you several things about our website:
- That have a valid security certificate.
- That we use cookies (and how many).
- Information about site settings.
You will also see a statement verifying that our connection is secure. Our website is safe to use if you are providing personal or financial information.
At a minimum, any website you visit should include the “S” for secure at the end of the hypertext prefix and have that little padlock in front of the address.
What do the various certificates mean?
Not seeing any signs of a secured, validated web presence could mean that visitors leave your website and never come back. In some cases, your web browser will issue a warning and prevent traffic from accessing your website at all.
Each letter in the first part of the validation type means that the organization behind the website has gone through a different level of scrutiny to verify their correct identity.
There are three main types of SSL certificates. Each offers a different level of secured data transmission, in conjunction with trusted encryption methods.
Domain Validated (DV) Certificates
This is the most basic form of website validation. It comes at a very low cost or even free. That makes it a great option for websites that exist to entertain or inform the public, without an e-commerce component. With this level of validation, you will know that a certification authority (CA) has investigated your domain name and can verify that it belongs to the entity listed on Whois.
Website owners can obtain a DV certificate in just a few minutes. It will cost just a few dollars a year to get one. Having a DV provides transparency and establishes a level of trust that you are who you say you are. It will also help with your technical SEO. A DV certificate tells Google that a trusted authority has viewed your domain name and investigated it for authenticity.
Organization Validated (OV) Certificates
This type of validation offers a middle ground between basic authentication and the type coveted by large enterprises that want to conduct online business. If you sell merchandise or provide paid services online, but you are not a big corporation, this is a good option for you.
An OV certificate scours government websites and other online resources to certify that your domain is legit and that you are a legally registered business entity. For individuals, this is the highest level of verification you can obtain, That is true for many businesses as well.
This route uses a slightly longer and more involved validation process than the simple online form used for DV certificates. Therefore, it will cost you a little more each year to keep it. But you will gain a solid ROI in terms of trust and transparency.
Extended Validation (EV) Certificates
If you own a large corporation or work in high-level e-commerce, this is the type of validation you need. To obtain an extended validation certificate you will have to perform all of the steps required for an OV and EV certificate, plus a few more. Unlike OV certificates, you can use an extended validation for multiple domains. You will know that a website has this credential by the green address bar that appears after you type in the URL.
An EV certificate is usually only used by the largest corporations and government entities.
Can a SSL certificate be denied or revoked?
Yes. If your domain registration and corporate status cannot be verified, your request will be denied. The CA determines that they have erroneously issued a certificate, or the domain is associated with malicious activity or bad business practices. They may then revoke the certificate and put it on a list. You can repair your certificate by submitting a form. In this form, you should state you have fixed any discrepancies and are now requesting re-validation.
Final thoughts
Not all encryption serves the same purpose. However, just seeing that certificate posted on your website boosts consumer confidence and offers peace of mind to visitors. You do not need fulyl to understand the technology behind it in order to reap the advantages. Just knowing will how the different types enhance security will help you can choose the best SSL certificate for your online environment.
We invite you to register for free to our Reseller Control Panel to see the most attractive prices for SSL certificates provided by Openprovider.
Guest post by industry specialist Samuel Bocetta.