In this series of blog posts we will explore the options available to websites and e-commerce stores for SSL certificates. Part one of this series explores the purpose and use of Extended Validation (EV) SSL Certificates and why your business should invest in one.

What is EV SSL?

An extended validation (EV) SSL certificate provides your customers with the confidence that the business they are purchasing from has been further validated by the issuing certificate authority (CA). For an e-commerce store, the green address bar is the most powerful feature of EV SSL Certificates.

What is the purpose of EV SSL?

The primary purpose of an extended validation (EV) SSL certificate is to:

1. Identify the legal entity that controls the Web site
   • This provides the end-user of the Web site which has an EV SSL certificate installed some reassurance that the Web site they are accessing is controlled by a specified legal identity. Details such as trading name and address are clearly visible in the certificate’s details.
2. Enable encryption of communications between a user’s browser and a Web site
   • The main purpose of any SSL certificate is to encrypt data between the Web site and the user’s browser
3. Identify the source of the executable code
   • Provide the user with reasonable assurance that the code being executed is provided by a specific legal entity. Details such as trading name and address are clearly visible in the certificate’s details.

A traditional SSL certificate is issued by domain validation, whereby the webmaster that purchases the certificate validates that the certificate they are purchasing is for their domain name. For example mysecuresite.com purchases an SSL certificate from RapidSSL. The webmaster of the domain name mysecuresite.com will receive an e-mail message from the certificate authority (in this example RapidSSL). The webmaster must then confirm by either replying to the e-mail message or clicking on an activation link to approve the request – this mechanism is referred to as domain validation.

For further reading on the exact requirements for certificate authorities to issue an EV SSL certificate, please refer to the Extended Validation Guidelines document.

What are the options?

There are three market leaders who offer EV SSL options (not listed in any particular order):

1. Verisign
   • Pricing is considerably higher than most SSL issuers however brand awareness and trust is very high
2. GeoTrust
   • A more affordable option and a well known brand
3. SBS (powered by Comodo)
   • Another well heard of brand, once again offering a more affordable route to using EV SSL

How much should I invest in EV SSL?

The decision is ultimately down to price and with that comes the differentiation between the three brands mentioned above. One thing holds true between all three, they all offer EV SSL certificates and the same (some offer increased levels of encryption) levels of protection.

Please find below a simple comparison:

Verisign

Verisign offers two levels of EV SSL certification:

1. Secure Site EV – Buy now for £644/year
   • Vetted by Verisign and displays the green address bar, company name and details in the certificate overview window
   • Secure 1 domain or sub-domain
   • Verisign trusted brand (#1 trust mark on the web - source: verisign.com)
   • Includes the Verisign site seal logo to display on your web site
2. Secure Site Pro with EV- Buy now for £1,004/year
   • Vetted by Verisign and displays the green address bar, company name and details in the certificate overview window
   • Secure 1 domain or sub-domain
   • Verisign trusted brand (#1 trust mark on the web - source: verisign.com)
   • SGC (Read more about server-gated cryptograph below)
   • Includes the Verisign site seal logo to display on your web site

GeoTrust

Geotrust offers only one level of EV SSL certification:

1. GeoTrust True BusinessID with EV – Buy now for £130/year
   • Vetted by GeoTrust and displays the green address bar, company name and details in the certificate overview window
   • Secures 1 domain or sub-domain
   • Highly recognised brand (#2 trust mark on the web – source: geotrust.com)
   • Includes the GeoTrust site seal logo to display on your web site

SBS (powered by Comodo)

SBS (powered by Comodo) offers only one level of EV SSL certification:

1. SBS EV – Buy now for £310/year
   • Vetted by Comodo and displays the green address bar, company name and details in the certificate overview window
   • Secure 1 domain or sub-domain
   • Well trusted brand

A Server-Gated Cryptograph (SGC) compatible SSL certificate automatically steps up protection to a minimum of 128-bit encryption even if the user’s browser is limited to 40-bit or 56-bit encryption. 256-bit encryption can be enabled if your user’s browser supports it and the SSL technology running on your web server is compatible. For more information on SGC please see here: http://www.verisign.co.uk/ssl/ssl-information-center/strongest-ssl-encryption/index.htm

For your business to succeed online you need to establish trust with your customers and by investing in a trusted SSL certificate brand and investing in the very best in SSL certificate technology you are showing your customers you place their security at the heart of your business. Next week we will explore the options available for wild-card (multiple domain – one certificate) SSL certificates and the options available.

Tags: Comodo, E-commerce SSL, EV SSL, Extended validation, GeoTrust, Verisign

This entry was posted on Wednesday, November 25th, 2009 at 22:12 and is filed under SSL. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.