Online Security

Types of SSL Certificates

Article Rating: 2 / 5 Votes: 17

Category: Online Security , Securing Your Website



Ensuring website security and protecting the privacy of ecommerce customers doing business with you online is essential to establishing customer confidence and trust. That confidence and trust is established through securing communication between your customer's Web browser and your site, generally by way of a digital SSL Certificate. You can install an SSL Certificate yourself or one can be provided to you by your Web hosting provider or a third-party transaction-processing company.

Upon seeking to establish secure communications with your Web-based business (for example, when a consumer initiates an online purchase) the consumer's browser seeks to validate your Web site's authenticity by requesting an SSL certificate that verifies the identity of the website owner. Once that SSL certificate is recognized, a Secure Sockets Layer (SSL) connection is established for website security, encrypting data transmitted between you and the consumer including such information as credit-card and bank-account numbers.

Types of SSL Certificates

Online businesses may currently ensure website security by choosing between three types of SSL Certificates: Organizationally Validated (OV) SSL Certificates, Domain Validated (DV) SSL Certificates, and a third type of SSL Certificate, called Extended Validation SSL Certificates, which was introduced in early 2007. All SSL Certificates include data encryption and trigger the browser to display a closed padlock and the "https" prefix in the browser address window. However, not all provide the same level of validation that the bearer of the SSL Certificate is truly a legitimate business with a secure website.

  • ORGANIZATIONALLY VALIDATED (OV) SSL CERTIFICATES: This level of SSL website security validation, currently offered by Network Solutions® and other certificate authorities (CAs), assures the validity of a Web site by verifying that the applicant is a legitimate business. Before issuing the SSL certificate, the CA performs a rigorous validation procedure, including checking the applicant's business credentials (such as the Articles of Incorporation) and verifying the accuracy of its physical and Web addresses. An Organizationally Validated SSL Certificate is an excellent website security option for any business conducting online transactions and accepting sensitive data, such as credit-card numbers, from customers.
  • DOMAIN VALIDATED (DV) SSL CERTIFICATES: The validation procedure is less rigorous for a Domain Validated SSL Certificate. When issuing a Domain Validated SSL Certificate, the CA checks only that the applicant's name and contact information matches the registration information in the WHOIS database for the domain name associated with the applied for SSL Certificate. Because CAs aren't required to validate the legitimacy of the applicant's business, Domain Validated SSL Certificates are a good choice for businesses where customers will not be transmitting sensitive data or are less concerned about website security issues like identity assurance.
  • EXTENDED VALIDATION (EV) SSL CERTIFICATES: This newest level of Certificate validation is also available from Network Solutions. Introduced in early 2007, Extended Validation SSL Certificates are the first SSL Certificates to adhere to industry-wide certification guidelines established by leading Web browser vendors and Certificate Authorities, including Network Solutions. The Certificate application process itself is more thorough and the validation criteria more rigorous for EV certification, whose applicants, at least initially, are limited to certain types of business entities and government agencies. Among the new features of EV SSL Certificates is the color-coding of the Web browser's address bar to signal secure connections. The browser navigation window turns green to indicate an authentically validated site with an Extended Validation SSL Certificate, full website security, and encryption in place, and turns red when it encounters a known phishing or otherwise untrustworthy site.

At present, all businesses should consider trying to upgrade to EV SSL Certificates, assuming that they meet the validation requirements, since the EV SSL Certificate offers the greatest level of website security on the SSL Certificate market today.

The Bottom Line: Network Solutions is a leading provider of SSL Certificates for website security. To learn more about Network Solutions' nsProtect™ Secure SSL Certificate services or to purchase your SSL Certificate today, please visit our SSL Certificates Product Page.