What is the difference among DV, OV and EV SSL certificates?
2018-06-13 ONE NET WIKI
All SSL-protected sites display the https://prefix in the URL address bar in a internet web browser. What some people may not know is that not all certificates are created equal. There are actual differences in certificates that are issued through Certificate Authorities (CA) Classified as DV, OV, and EV certificates.
Level 1: Domain Validated SSL Certificate (DV):
Domain Validated certificates are certificates that are checked against domain registry. There is no identifying organizational information for these certificates and thus they are not recommended to be used for commercial purposes but for internal purposes. Visitors to a website with DV certificates cannot validate, via the certificate, if the business on the site is legitimate and thus often DO NOT trust this type of certificate. It is recommended using these types of certificates where security is not a concern, such as protected internal systems were internal clients or employees already know the established trust of the organization.
Pros: Easy to obtain; Fast issuance
Cons: Use only for web-based applications that are not at risk for phishing or fraud; Avoid using for websites that handle sensitive data.
Level 2: Organization Validated SSL Certificate (OV):
Organizational certificates are Trusted. Organizations are strictly authenticated by real agents against business registry databases hosted by governments. Documents may exchange and personnel may be contacted during validation to prove the right of use. OV certificates therefore contain legitimate business information. This is the standard type of certificate required on a commercial or public facing website. OV certificates conform to the X.509 RFC standards and thus contain all the necessary information to validate the organization.
Pros: More thorough vetting process than DV; Company information is displayed to users; Provides a certain level of trust about the company who owns the website.
Cons: OV Certificates do not offer the highest visible display of trust like EV SSL (green browser bar).
Level 3: Extended Validated SSL Certificate (OV):
Nothing provides more trust and security than Symantec Extended Validation Certificates. It is used by most of the world’s leading organizations. They have found that switching from OV to EV certificates increases online transactions and improve customer confidence. It is no longer a luxury but a necessity. Sites protected with a EV SSL Certificate display a green browser bar to quickly assure visitors that the organization’s legal and physical existence was verified according to strict industry standards.
EV certificates reinstate the trust users have for a secured web site. The criteria for issuing EV certificates are defined by the Guidelines for Extended Validation and provide a vetting process that is much stricter than that for OV certificates. Apart from improving trust and confidence via the strictest authentication process, EV certificates triggers a visible Green Bar on modern browsers to distinguish the secured site apart from others. The combination of Symantec’s world trusted strict validation procedures, the Symantec/Norton Seal and the Green Bar provides the highest degree of trust amongst consumers. It is extremely difficult to impersonate or phish an EV enabled site as even if web content can be duplicated, the Green Bar cannot be triggered without a trusted EV certificate.
Pros: EV Certificates come with the green browser address bar; Increase user trust and lower bounce rates and shopping cart abandonment.
Cons: EV Certificates have the highest cost.