Network Solutions

Choosing an SSL Certificate

Internet Security Learning Center

Helping to keep your web site secure

Learn how to secure your Small Business Web site from threats and how to create trust and increase confidence in your e-commerce offerings by using SSL Certificates, Site Seals, privacy policies, and copyrights and trademarks.

Home  |  Internet Security Glossary  |  Site Map

Search:

Home > Web Security > Which SSL Certificate Does Your Web-Based Business Need?

Which SSL Certificate Does Your Web-Based Business Need?

 

Ensuring the security and privacy of your E-commerce customers doing business with you online is essential to establishing customer confidence and trust. That confidence and trust is established through securing communication between your customer's Web browser and your site, generally by way of an SSL Digital Certificate. You can install an SSL Certificate yourself or one can be provided to you by your Web hosting provider or a third-party transaction-processing company.

Upon seeking to establish secure communications with your Web-based business (for example, when a consumer initiates an online purchase) the consumer's browser seeks to validate your Web site's authenticity by requesting a digital certificate that verifies the identity of the Web site owner. Once that certificate is recognized, a Secure Sockets Layer (SSL) connection is established, encrypting data transmitted between you and the consumer including such information as credit-card and bank-account numbers.

Online businesses may currently choose between three types of SSL Certificates: Organizationally Validated (OV) Certificates, Domain Validated (DV) Certificates, and a third type of SSL Certificate, called Extended Validation Certificates, was introduced in early 2007. All SSL Certificates include data encryption and trigger the browser to display a closed padlock and the "https" prefix in the browser address window. However, not all provide the same level of validation that the bearer of the SSL Certificate is truly a legitimate business.

  • ORGANIZATIONALLY VALIDATED (OV) CERTIFICATES: This level of SSL security validation, currently offered by Network Solutions® and other certificate authorities (CAs), assures the validity of a Web site by verifying that the applicant is a legitimate business. Before issuing the certificate, the CA performs a rigorous validation procedure, including checking the applicant's business credentials (such as the Articles of Incorporation) and verifying the accuracy of its physical and Web addresses. An Organizationally Validated Certificate is an excellent choice for any business conducting online transactions and accepting sensitive data, such as credit-card numbers, from customers.
  • DOMAIN VALIDATED (DV) CERTIFICATES: The validation procedure is less rigorous for a Domain Validated Certificate. When issuing a Domain Validated Certificate, the CA checks only that the applicant's name and contact information matches the registration information in the WHOIS database for the domain name associated with the SSL Certificate. Because CAs aren't required to validate the legitimacy of the applicant's business, Domain Validated Certificates are a good choice for businesses where customers will not be transmitting sensitive data or are less concerned about issues of identity assurance.
  • EXTENDED VALIDATION (EV) CERTIFICATES: The newest level of Certificate validation is now available from Network Solutions. Introduced in early 2007, Extended Validation Certificates are the first SSL Certificates to adhere to industry-wide certification guidelines established by leading Web browser vendors and Certificate Authorities, including Network Solutions. The Certificate application process itself is more thorough and the validation criteria more rigorous for EV certification, whose applicants, at least initially, are limited to incorporated entities and government agencies. Among the new features of EV Certificates is the color-coding of the Web browser's address bar to signal secure connections. The browser navigation window turns green to indicate an authentically validated site with an EV Certificate, full security, and encryption in place, and turns red when it encounters a known phishing or otherwise untrustworthy site.

At present, Organizationally Validated Certificates remain the best choice for E-commerce web sites of unincorporated small to medium-sized businesses. These businesses should consider upgrading to EV Certificates, however, when they become incorporated. For those businesses that are incorporated and eligible for an EV Certificate, it is recommended that they purchase or upgrade to an EV Certificate today.

The Bottom Line: Network Solutions is a leading provider of SSL Certificates. To learn more about Network Solutions SSL Certificate services or to purchase your SSL Certificate today, please visit our SSL Certificates Product Page.