The SSL certificate is a digital "signature" used to secure (encrypt) the exchanges between a website and its visitors. It is necessary to activate the https protocol, symbolized by the famous padlock located next to the URL in all browsers.

While all SSL certificates offer the same basic security, they do not offer the same guarantees or the same confidence. For this reason, the choice of the type of SSL certificate is decisive to ensure the best security conditions and to obtain the preference of visitors.

SSL EV Certificates: SECURITY + GUARANTEE + TRUST

EV SSL certificates (extended validation) for companies are issued by the 1st control authority in the world Comodo / Sertigo. They are particularly effective protection against online spoofing and phishing.

EV SSL certificates are exclusively reserved for companies registered in the commercial register. This is a very low cost investment that nevertheless generates a great deal of trust and security.

Can a hacker buy an SSL certificate with a name similar to that of my company (example: societe.com and sociefe.com)?

This is one of the huge advantages of EV SSL Certificates. They are validated manually on the basis of official registers. The possibility that a hacker could register a company with a deliberately similar name is therefore practically nullified by this first step of registration and verification. It is also for these reasons that it takes about 48 hours to get it.

The dangers of domain validated SSL / TLS certificates

SSL certificates do more than encrypt data, they also authenticate websites. This is an important and fundamental function because it builds trust. Visitors to websites see the SSL or HTTPS padlock and think the site is genuine.


What is domain validation?


In the fight against bogus sites, phishing and fraud, trustworthy SSL certificates play a vital role. Therefore, domain validated certificates can be dangerous. Certificate authorities (CAs) issue a domain-validated certificate to anyone listed as the administrative contact for a domain in the WHOIS record for a domain name. They just send an email to the contact's email address, and voila.



This is the lowest level of authentication used to validate SSL certificates. At higher levels, certificates are validated organizationally and by Extended Validation (EV), which requires more detailed checks.

SSL / TLS certificate authentication

Why they can be dangerous The problem with domain validation is that cybercriminals can easily obtain SSL certificates for phishing sites by otherwise spelling a legitimate domain name. For example, if they want to target the BankOne.com site, they can register bank1.com and, from a free email account, obtain a domain-validated SSL certificate for that site.

When a visitor gets tricked into visiting the phishing site, they see the HTTPS and SSL padlock reassuring them, and not necessarily rearranging the misspelled address.

How to detect a certificate validated by the domain?

It is really very difficult to tell if a certificate is validated by the domain. Therefore, users can completely trust your site as the cloned phishing site, and when they find out that their bank details have been stolen, they can blame you.

Practices vary from CA to CA on how to verify website owners, but it is certain that Extended Validation certificates have the highest levels of authentication, which your visitors can see if your bar address is green (see examples of the most popular browsers below).

The reliable alternative

With all of these bogus sites using easily obtained SSL certificates, website owners cannot afford to take a risk with domain validated certificates. Particularly if the site requests very sensitive or personal information, users will need to seek additional assurance.

The choice of a certificate issued by a reputable CA such as DigiCert, and a high level validation method such as Extended Validation, is a much more reliable alternative. And for sure, this is a better choice for your business than the other.

To learn more about SSL, from how it works to how it is configured on your servers, download our interactive resource "Definition of SSL" now.


SSL / TLS security and Extended Validation


For well-known companies, using SSL / TLS certificates with Extended Validation (EV) has proven to be the best defense against phishing. For an online business, using SSL with EV can have a huge impact on its bottom line. Online shoppers are more likely to provide their credit card information and / or other confidential financial information on a website that sports the SSL / TLS green bar with EV.
Vulnerabilities of websites

Phishing and online fraud undermine customer trust

Identity theft and browser warning issues erode consumer trust, even on secure pages. To regain their trust, site owners need an easy and reliable way to show their visitors that their transactions are secure, and that they are who they say they are. Certification authorities and Internet browser vendors have joined forces to establish the EV standard for SSL / TLS certificates.

Green address bar restores trust with Extended Validation

An SSL certificate with EV gives customers the assurance that they are interacting with a trusted website and that their information is secure. An SSL certificate with EV triggers the display, for highly secure web browsers, of the name of your organization in a green address bar and the name of the certificate authority that issued it. The certification authority applies a rigorous, controlled authentication method and browsers control the display, making it difficult for phishers and other counterfeiters to take over your brand and your customers.

What is an SSL Extended Validation (EV) Certificate?

Extended Validation SSL Certificate (or known as EV SSL provides the highest level of SSL security. Encryption and data integrity is guaranteed regardless of the SSL level chosen - Extended Validation (EV ), Organization Validation (OV), and Domain Validation (DV), but they vary depending on the degree of identity verification.

Extended validation certificate verification

When verifying an EV SSL certificate, the website owner goes through a comprehensive and globally standardized identity verification process. He must prove that he has exclusive rights to use a domain, confirm its legal, operational and physical existence, and prove that the entity has authorized the issuance of the certificate. This verified identity information is included in the certificate.

The process for verifying OV and DV certificates is not as comprehensive. For DV certificates, the website owner only needs to have proof that they have administrative control over the domain. OV certificates include some identity information about the site operator, but they are not as complete as EV certificates. To view your company's identity information, visitors should click to view certificate details.

The user interface (UI) of the extended validation certificate

EV SSL certificates activate HTTPS and the now gray padlock in the address bar of browsers, just as DV and OV certificates do. The additional cost and time spent on verification makes it more difficult for a phishing site to obtain an EV level certificate. Visitors to your site can therefore use this certificate (among other factors) as a token of trust. Visitors know with more certainty that the website is actually operated by your business and feel more secure in communicating and making purchases.
What are the advantages of the EV SSL certificate?

Phishing websites, or imposters, are still a major threat to legitimate websites and online services. Phishers have recently started using domain validated certificates (usually obtained from a free SSL service that doesn't conduct proper phishing checks), to make their sites appear more trustworthy. They thus deceive unsuspecting victims and trick them into disclosing financial or personal information. This problem is only growing and emphasizes the need to verify identities online. Visitors need to see some sort of assurance of the identity of the company they are dealing with to feel more secure when shopping online.

EV SSL makes it possible to combat this problem by giving a central place to the verified identity of the site operator, by displaying it directly in the address bar.

Who should use an EV SSL certificate?

An EV SSL Extended Validation Certificate can be used for any application that requires enhanced identity and trust assurance. The most visited websites, such as banks, financial institutions and major brands, are often targeted by phishing attacks, and that is why it is necessary that they use an EV SSL certificate for their public websites. . However, any site that collects personal data or makes online payments and customer account connections can benefit from having their verified brand displayed on the internet.

EV SSL certificates include a manual validation step to confirm:

The legal, physical and operational existence of the entity
Verification that the entity has properly authorized the issuance of the certificate
The fact that the entity has an exclusive right to use the specified domain
The fact that the identity of the entity corresponds to official documents


Pay with confidence With Visa / Mastercard / Secure Paypal (SKRILL)