Multiple PHP Versions
09/04/2015
PHP 7
17/12/2015
Show all

What is SSL and do I need it?

SSL is a cryptographic protocol designed to provide communications security over a computer network.  That simply means that it secures the communication between your computer and the server.  There are many different variations of certificates around that can provide you with security, although not are optimal for your business.  In this guide, we’ll try to let you know what each variation is, and how you can use it for your business.

Which SSL certificate do I need?

Well, this is the question we’ve all asked ourselves when we first stepped into the world of SSL!  No need to worry though, we’ll help you decide that!

1. Domain Validation or DV Certificates

This is the lowest level of authentication used to issue SSL certificates. The Certificate Authority (CA) will issue this certificate to anyone listed as the domain admin contact in the public record associated with a domain name. As a result, DV certificates are issued very quickly. No company information is checked or displayed on the certificate.

When to use it? 

When you have websites where trust and credibility are less important such as personal websites and small forums that need basic encryption for things like logins, forms or other non-transactional data.

Pros:

  • Easy to obtain
  • Fast issuance

Cons:

  • Use only for web-based applications that are not at risk for phishing or fraud.
  • Avoid using for websites that handle sensitive data.

2. Organization Validation or OV Certificates

OV is the more secure step up from DV. As well as checking up on ownership of the domain name, the Certificate Authority will also carry out additional vetting of the organization and individual applying for the certificate. This might include checking the address where the company is registered and the name of a specific contact. This vetted company information is displayed to visitors on the certificate, making ownership of the site much more visible.

When to use it?

When you have public-facing websites dealing with less sensitive transactional data.

Pros:

  • More thorough vetting process than DV.
  • Company information is displayed to users.
  • Provides a certain level of trust about the company who owns the website.

Cons:

  • OV Certificates do not offer the highest visible display of trust like EV SSL (green browser bar).

3. Extended Validation or EV Certificates

This is the gold standard in SSL certificates. EV verification guidelines, drawn up by the Certificate Authority/ Browser Forum, require the Certificate Authority to run a much more rigorous identity check on the organization or individual applying for the certificate. Sites with an EV SSL certificate have a green browser address bar and a field appears with the name of the legitimate website owner and the name of the Certificate Authority that issued the certificate.

When to use it?

When you have e-commerce sites and websites handling credit card and other sensitive data.

Pros:

  • EV Certificates come with the green browser address bar.
  • Increase user trust and lower bounce rates and shopping cart abandonment.

Cons:

  • Although EV Certificates have a higher cost, it’s possible to recoup the extra cost of an EV certificate in the form of increased revenue.
  • You can also strengthen your credibility and brand by showcasing your commitment to online security.