Authentication Levels

A look at the different authentication levels of SSL/TLS Certificates

There are three distinct levels of Authentication when it comes to SSL/TLS Certificates. They are Domain Validation (DV), Organization Validation (OV) and Extended Validation (EV). While all three have their uses, one is definitively better than the other two. Let's drill down a bit further and take a look at all three.

Higher levels of authentication provide better validation and inpsire more confidence in users...

Domain Validation (DV)

DV certificates are the most basic of SSL/TLS certificates. They offer no-frills, bare-bone encryption with minimal authentication. In order to receive a DV SSL/TLS certificate you only need to prove ownership over the registered domain. The upside of this is that it allows blogs, personal sites and non-business sites the opportunity to encrypt—and as the Internet evolves, every website should have encryption.

Something to keep in mind...

The downside to Domain Validation certificates is that almost anyone – including cyber-criminals – can get one. This means that while you can be assured that your communication on a site with a DV cert is encrypted, there's no being sure who's on the other side. Higher levels of authentication provide better validation and inpsire more confidence in users.

Organization Validation (OV)

OV certificates offer a greater deal of authentication, which helps website visitors to know who's on the other end of a connection. The encryption across all three certificates – DV, OV and EV – is the same. But OV and EV offer better levels of authentication—which is why they cost a bit more and take a little longer to issue. In order to get an OV cert you will need to prove your organization is a legitimate legal entity by satisfying requirements for:

Organization
Authentication
Locality
Presence
Telephone
Verification
Domain
Verification
Final
Verification Call

The upside is that by clicking on the visual SSL/TLS indicators a client (the person visiting your website) can see your organization details and be assured of who is on the other end of the connection. The downside is that the visual indicators for OV certificates are the same as for DV certificates and many people don't know where to look to see your information.

New to SSL/TLS Certificates?

Learn More

Extended Validation (EV)

EV certificates offer the greatest deal of authentication and often times come packaged with other security products like malware scanners and vulnerability assessments. In order to get an EV certificate you have to undergo extensive vetting from the Certificate Authority issuing you the cert. This requires you to satisfy requirements for:

Organization
Authentication
Enrollment
Form
Operational
Existence
Physical
Address
Telephone
Verification
Domain
Authentication
Final
Verification Call

The upside is that EV certs unlock the green address bar in all browsers. This is an obvious visual indicator and your organization's name will be displayed prominently within it. It's impossible to fake a green address bar, so your clients or customers will have absolute assurance that you are who you say you are.

The downside is the price—but don't let that scare you. As we've already said, Extended Validation SSL/TLS certificates often come packaged with other security products. They also pay for themselves. Research shows that websites with EV certificates see a boost in conversions, meaning you see a considerable return on investment.

Learn More About EV SSL Buyer's Guide