All SSL certificates are equal, but some are more equal than others:
The most crucial thing to note is that there are three levels of SSL certification available that essentially do the same thing: they check the legitimacy of the domain owner and they enable the encryption of information exchanged on your website, such as credit card information or an email address. In essence, each level provides exactly the same standard of security.
Where they differ is in the extent of vetting involved and, therefore, how long the validation takes to complete – from minutes for domain validation to up to ten business days for extended validation – and how much confidence they command.
• Extended validation (EV) from THAWTE. This is the gold standard in SSL certificates, delivering the highest level of consumer trust through the strictest authentication standards. EV verification guidelines, drawn up by the CA/Browser Forum, require the CA to run a much more rigorous identity check on the organization or individual applying for the certificate. This can be a time-consuming process, but it's worth it. Sites with an EV SSL certificate have a green browser address bar, and a field appears with the name of the legitimate website owner and the name of the security provider that issued the certificate. You can therefore rest assured that you are dealing with a legitimate site that cares about its security.
Certificates used by most other websites:
• Domain validation (DV). This is the lowest level of authentication used to issue SSL certificates. The CA will issue a domain-validated certificate to anyone who is listed as the domain admin contact in the WHOIS record (the public record associated with each domain name) simply by sending an email to the contact email address. As a result, domain-validated certificates are issued very quickly, but no company information is checked or displayed on the certificate, making it easier for internet criminals to obtain this type of certificate from irresponsible CAs.
• Organization validation (OV). OV is the more secure step up from DV. As well as checking up on the ownership of the domain name, the CA will also carry out additional vetting of the organization and individual applying for the SSL certificate. This might include checking the address where the company is registered and the name of a specific contact. This vetted company information is displayed to visitors on the certificate, making the ownership of the site much more visible.
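The difference between the three levels shows up in the subject fields a certificate carries. The sketch below is an added example, not part of the original page: it is a heuristic that assumes its input has the dict shape returned by Python's `ssl.SSLSocket.getpeercert()`, and the three sample certificates and their names are constructed.

```python
# Heuristic: infer the validation level from the subject fields present.
# Input shape is assumed to match ssl.SSLSocket.getpeercert().

# Attributes that only extended-validation vetting fills in. Older OpenSSL
# builds report the jurisdiction country field by its dotted OID.
EV_FIELDS = {"businessCategory", "jurisdictionCountryName",
             "1.3.6.1.4.1.311.60.2.1.3"}
# Attribute that appears only when the organization itself was vetted.
ORG_FIELDS = {"organizationName"}


def subject_fields(cert):
    """Flatten getpeercert()'s tuple-of-RDNs subject into a plain dict."""
    return {name: value for rdn in cert.get("subject", ()) for name, value in rdn}


def validation_level(cert):
    """Return 'EV', 'OV', 'DV' or 'unknown' for a decoded certificate."""
    fields = subject_fields(cert)
    if not fields and not cert.get("subjectAltName"):
        return "unknown"  # getpeercert() gives {} when the cert was not validated
    has_org = bool(fields.keys() & ORG_FIELDS)
    if has_org and fields.keys() & EV_FIELDS:
        return "EV"
    return "OV" if has_org else "DV"


def describe(cert):
    """Return (level, vetted organization name or None)."""
    return validation_level(cert), subject_fields(cert).get("organizationName")


# Constructed sample certificates (not taken from real sites).
DV_CERT = {"subject": ((("commonName", "shop.example"),),),
           "subjectAltName": (("DNS", "shop.example"),)}
OV_CERT = {"subject": ((("countryName", "US"),),
                       (("organizationName", "Example Widgets Inc"),),
                       (("commonName", "www.widgets.example"),))}
EV_CERT = {"subject": ((("businessCategory", "Private Organization"),),
                       (("jurisdictionCountryName", "GB"),),
                       (("serialNumber", "00000000"),),
                       (("organizationName", "Example Bank Ltd"),),
                       (("commonName", "www.bank.example"),))}

if __name__ == "__main__":
    for cert in (DV_CERT, OV_CERT, EV_CERT):
        print(describe(cert))
```

A DV certificate yields no organization name at all, which is why nothing about the site owner can be shown to a visitor.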