What is an EV SSL certificate and what are its advantages?
by: Gijs Hovens
These days, SSL certificates are a requirement for every website. It is hard to imagine a proper company website in 2017 that is not adequately protected against hackers. Extended Validation (EV) SSL certificates give the clearest signal that a website sends only encrypted data. But what is an EV SSL certificate and what are the most important advantages? And how exactly do you apply for such a certificate?
What are SSL certificates?
SSL certificates are small files that create a secure connection between a webserver and a browser. They bind a cryptographic key to the details of a company, so that the connection can be encrypted and cyber criminals are kept out. SSL certificates have many advantages and can be recognised by the padlock icon in the address bar of a website.
Until recently, the certificates were mostly used to secure online payments, transactions through web shops, logins, contact forms and other (sensitive) information transfers. These days, it is normal to have the entire website secured with a certificate. For popular websites that are often the target of phishing attacks, an SSL certificate is anything but superfluous.
The EV SSL certificate
The highest form of SSL security is the EV or Extended Validation SSL certificate. EV SSL certificates connect the name of a domain, server or host to the identity and location of a company, guarantee you can connect to that company, and secure the connection. This is in contrast to DV certificates, which secure only the connection and guarantee you connect to the domain visible in the address bar.
EV certificates are used by important players in the internet market such as banks and giant web shops such as Tesco.com. An EV SSL certificate is shown by most web browsers as a green address bar that shows not only the domain name, but also the (statutory) company name of the owner. The checks and conditions of issuance are very strict in the case of an EV SSL certificate. This means delivery takes a little extra time (usually a week or two). Additionally, purchasing such a certificate in the highest security category also means a bigger investment.
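The difference between EV and DV described above is visible in the certificate's subject. The following is an added example, not code from Savvii or any certificate supplier: a heuristic that classifies a certificate from the identity fields in a dictionary shaped like the output of Python's `ssl.SSLSocket.getpeercert()`. The sample subjects are constructed, and the "OV" result (an organisation is named, but the EV identity fields are missing) is a level this article does not cover.

```python
# Added example: classify a certificate from its subject fields.
# Input has the shape returned by ssl.SSLSocket.getpeercert(); the field
# names follow the long names Python's ssl module reports (assumption).

# Identity fields the EV Guidelines put in the subject next to the domain.
EV_FIELDS = {"organizationName", "businessCategory",
             "serialNumber", "jurisdictionCountryName"}

def subject_fields(cert):
    """Flatten getpeercert()['subject'] (a tuple of RDN tuples) into a dict."""
    fields = {}
    for rdn in cert.get("subject", ()):
        for name, value in rdn:
            fields.setdefault(name, value)
    return fields

def validation_level(cert):
    """Heuristic: 'EV' if all EV identity fields are present,
    'OV' if only an organisation is named, otherwise 'DV'."""
    fields = subject_fields(cert)
    if EV_FIELDS <= fields.keys():
        return "EV"
    if "organizationName" in fields:
        return "OV"
    return "DV"

def address_bar_label(cert):
    """Company name and country as an EV-aware browser would show them."""
    if validation_level(cert) != "EV":
        return None
    fields = subject_fields(cert)
    return "{} [{}]".format(fields["organizationName"],
                            fields.get("countryName", "??"))

# Constructed sample subjects, not taken from real certificates.
EV_SAMPLE = {"subject": (
    (("businessCategory", "Private Organization"),),
    (("jurisdictionCountryName", "NL"),),
    (("serialNumber", "00000000"),),
    (("countryName", "NL"),),
    (("localityName", "Amsterdam"),),
    (("organizationName", "Example Webshop B.V."),),
    (("commonName", "www.shop.example"),),
)}
DV_SAMPLE = {"subject": ((("commonName", "www.blog.example"),),)}

if __name__ == "__main__":
    for cert in (EV_SAMPLE, DV_SAMPLE):
        print(validation_level(cert), address_bar_label(cert))
```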
Requirements for an EV SSL certificate
In order to be allowed and able to buy an Extended Validation SSL certificate, a company must first go through an application procedure. The most important part of the process is an extensive and standardised identity check, which verifies the reliability of the applicant. The criteria used to issue EV SSL certificates have been recorded in the Guidelines for Extended Validation Certificates. The CA/Browser Forum, a non-profit organisation that consists of leading certification authorities, (internet) software developers and legal experts, sets requirements that EV SSL certificate applicants have to meet.
Applying for and implementing an EV SSL certificate
You can apply for an Extended Validation SSL certificate online. The supplier will then start the screening process in order to be sure the applicant is legitimate. The application and implementation process is divided into a number of fixed steps which are briefly discussed below.
Domain validation proves that you actually manage the domain for which you are applying for an Extended Validation SSL certificate. When applying for Comodo certificates, a choice can be made between three methods (e-mail, placing a file, and DNS), while EV SSL certificates by GlobalSign, Symantec, GeoTrust and Thawte exclusively use validation by e-mail. Be aware that every domain or subdomain must be confirmed separately. In the case of e-mail validation, the supplier of the EV SSL certificate will send a message to the e-mail address submitted in the application. This e-mail will contain a link to a web page where you enter the password and the unique code of the certificate.
Company information check
The first step in applying for an EV SSL certificate is checking company information with an independent organisation. In the Netherlands, this is the Dutch Chamber of Commerce. The following information is checked:
- The registered name or trade name of a company
- Legal form
- Address and contact information
- Postal code and city
- Country or country code
It’s important that the company name submitted in the application matches the trade name registered in the Chamber of Commerce trade register. If the registered name does not match or is not written correctly, the application will be denied. Although in principle the registered name (with the trade name between parentheses) is required when applying for an EV SSL certificate, independent persons only need to fill in a trade name.
In the Whois register (a protocol that allows you to retrieve information about a domain), the owner of a domain name is registered. The Whois information of the requested domain is compared to the certified company information. The contents of the two have to match in order to be able to obtain an EV SSL certificate. For changing Whois information, contact the administrator of your domain name. They will be able to adjust the information for you.
EV documents and validation by phone
In order to be eligible for an EV SSL certificate, several documents will have to be submitted. This includes a certificate request form and a certificate subscriber agreement. These forms are generally filled in beforehand; the organisation’s contact will usually only have to check, sign and return them. As an extra precaution, the employee listed in the application as contact is telephoned. The call is placed to a publicly listed telephone number of the company. This telephone verification confirms that the organisation in question really is the party that applied for the EV SSL certificate.
Most important advantages to an Extended Validation SSL certificate
Although an EV SSL certificate is a bit more of a hassle with regard to cost price and application process than a ‘regular’ DV SSL certificate, there are several important advantages to the former option:
- An Extended Validation SSL certificate ensures a higher level of customer confidence. Because the certificate makes the safety level of a website immediately visible, the company gains credibility. Extra confidence and a safe online shopping environment are more likely to encourage customers to actually make a purchase. Eventually, the use of an EV SSL certificate will result in more conversions and higher customer loyalty.
- The EV SSL certificate shows the company name in the address bar and gives summary information on the domain owner. The visual signal that the EV SSL certificate provides (the characteristic green address bar with company information) is a universal sign of credibility. Even less experienced internet users usually know that a green bar means a high level of security.
- DV certificates have become increasingly popular because they are increasingly available for free through Let’s Encrypt. This means that if you want to distinguish yourself from the competition, a DV certificate will no longer suffice.
- The use of an SSL certificate on the entire website often results in a higher position in the Google rankings. Reliability and security are criteria that the search engine considers when showing relevant search results.
| |EV certificate|DV certificate|
|Lead time|1-2 weeks|Immediately|
|Padlock in browser|Yes|Yes|
|Green address bar in browser|Yes|No|
|Distinguished compared to competition|Yes|No|
Permanent security thanks to an SSL certificate
There are two ways to use an EV SSL certificate. You can secure only the pages where visitors fill in or submit information, such as contact or order forms, or you can secure all pages.
The latter is called the ‘always-on principle’, and it’s on the rise. This approach not only secures pages where visitors leave personal information, but secures the entire website. This means the homepage and other important landing pages also show the green address bar and identity information of the EV SSL certificate. This prevents data that is sent from the website from being intercepted when a switch is made from a secure to an unsecure page within the website. At Savvii, we recommend the ‘always on’ method. This is easily set up through our control panel.
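To check a site against the ‘always-on principle’, the sketch below scans a page served over https for links, forms and frames that would switch the visitor back to an unsecure page on the same site. It is an added example, not part of the Savvii control panel; the host name `shop.example` and the HTML fragment are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tags whose URL attribute makes the browser navigate or submit data.
URL_ATTRS = {"a": "href", "form": "action", "iframe": "src"}

class DowngradeFinder(HTMLParser):
    """Collects same-site targets that leave https for plain http."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.site = urlsplit(page_url).hostname
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attr = URL_ATTRS.get(tag)
        if attr is None:
            return
        value = dict(attrs).get(attr)
        if not value:
            return
        # Resolve relative and protocol-relative URLs against the page URL.
        target = urlsplit(urljoin(self.page_url, value))
        if target.scheme == "http" and target.hostname == self.site:
            self.findings.append((tag, target.geturl()))

def find_downgrades(page_url, html):
    """Return (tag, url) pairs that move the visitor from https to http."""
    finder = DowngradeFinder(page_url)
    finder.feed(html)
    return finder.findings

# Constructed sample page, assumed to be served from PAGE_URL.
PAGE_URL = "https://shop.example/checkout"
SAMPLE_HTML = """
<a href="/cart">Cart</a>
<a href="http://shop.example/contact">Contact</a>
<form action="http://shop.example/newsletter" method="post"></form>
<a href="http://other.example/">Partner site</a>
<a href="//shop.example/about">About</a>
"""

if __name__ == "__main__":
    for tag, url in find_downgrades(PAGE_URL, SAMPLE_HTML):
        print("insecure <%s> target: %s" % (tag, url))
```

Relative and protocol-relative links inherit https from the page and are not reported; links to other sites are outside the scope of this check.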
SSL certificates at Savvii
Savvii provides both DV SSL certificates and EV SSL certificates by Comodo. The EV certificate is a little pricier, but does offer more information on the domain owner and is more secure because of the strict verification process. We also offer extensive manuals for the application and implementation of an SSL certificate. Additionally, we at Savvii have the means and knowledge to make sure that sites with an SSL certificate maintain their speed and ease of use. This allows you to force your entire website onto https through our control panel, immediately after delivery.
Conclusion: an SSL certificate offers many advantages
Having an SSL certificate offers many advantages and is necessary these days to offer customers a safe internet environment. An EV SSL certificate is the most extensive and distinguishing option. The visibility of the certificate also creates confidence with the visitor. This added confidence will often result in more traffic and more turnover. Of course, just having an SSL certificate is not enough to create a safe website. Read our whitepaper with safety tips to optimally protect your information against hackers.