Everyone has to start somewhere when he or she are working with new technology and new types of products. While many of the IT and website management professionals we work with at Comodo very well versed in SSL certificates, they all started out as newbies to the technology.
Understanding the SSL certificate differences from more than just a technical point of view can be a real advantage. Knowing how to explain to the website owners or ecommerce site management and sales team why a specific SSL certificate is being recommended is a marketing tool that you can use in your business as well.
Sometimes, and we see this often, an IT management professional uses the same type of SSL/TSL certificate over and over again. There is little attempt to pair the product with the website and the security needs of the consumer using the site. This because they may not understand what is the SSL option best suited for the site.
The incorrect use of a specific type of certificate can lead to issues with sales. While this may not be your concern as an IT professional, it will be a very big factor for the ecommerce sales team or manager. As consumers become more aware of what to look for and the importance of the SSL certificate, having a lower level of security on a site will result in knowledgeable customers moving to another more secure website of a competitor.
To help to outline the SSL certificate differences and the best use considerations, let's start with basic options and move to the higher EV SSL option.
DV or Domain Validation
With the domain validation type of certificate visitors to the site will see the gold padlock as well as our Comodo Secure TrustLogo. This is a good visual indicator that a top Certificate Authority (CA) is verifying the domain is owned by the person or entity listed on WHOIS. In other words, the CA is stating that the domain is owned by the person or entity on record.
These are fast and simple to obtain and are available in minutes. Comodo offers the complete application online; you will just need to generate the applicable CSR (Certificate Signing Request) on the server. The encrypted text generated will be copied and pasted into the application to provide the necessary information.
This is a very low-cost option and is ideal for a company that is not a high volume ecommerce site or tends to work with a very small target audience. The certificate will not provide information about your company, which may be a concern to customers new to the website or those that are security conscious.
Keep in mind these certificates offering 2048 bit signatures and 128/256 bit encryption and also offer the site seal from Comodo and the free value added features our customers expect. There is also the 30-day money back guarantee offered for the product.
Organization Validated (OV)
We offer several different options in SSL certificates that are organization validated. The SSL certificate differences between domain and organization validated include a higher level of assurance for your customers. These can be designed for single sites as well as EV SSL. The EV SSL can be used across main domains and subdomains on the same certificate.
With these certificates we provide a check of government databases that are found online to verify all data provided, either as an individual or as an organization, is valid and correct. This will include identification requires for both individuals as site owners and for organizations.
Slightly more expensive, the organization validated SSL certificate provides more information to customers mousing-over the padlock or the Trustlogo site seal. For an individual, this is the highest level of security that can be provided on a website. It is also the highest possible level for many types of businesses.
While not typically available in minutes, the EV SSL at Comodo is often available in a very short period of time. This is the level of security that most major corporations, businesses and government entities will use. This is also the only SSL certificate that provides the iconic green address bar for the site, clearly demonstrating the level of security.
Not all businesses can use the EV SSL and validation and verification is more exacting and detailed. It will include all the verification and validation steps for the OV, as well as additional steps to ensure the business actually exists as a physical entity. There are several different methods that can be used for this type of validation. Documentation about the business will also be required.