SSL Certificates: What They Are and the Different Types
It can be difficult to navigate all the different layers of being a website owner. One of the most confusing aspects is that of website security, and all of the terminology that goes with it. Below, we give you an overview of what SSL Certificates are, and the different types you can choose from.
What is SSL?
You may have heard the terms SSL and HTTPS being thrown around lately, in reference to Google’s announcement that they will be marking sites not using SSL as “non-secure”.
SSL/TLS Protocol adds a layer of security over your interaction with web pages, encrypting the data exchanged to prevent data corruption and eavesdropping, and ensuring that you are only communicating with the intended website. A user is made aware that a site is secure by the green padlock icon, the word ‘Secure’, and the https:// prefix on the address of the site in the address bar.
Achieving a secure site requires installing an SSL certificate on your web server, thereby activating a secure session between a browser and the web server hosting the certificate. An SSL Certificate is a verifiable small data file that contains identity credentials, allowing websites, people, and devices to authenticate their identity.
The Different Types of SSL Certificates
There are three different types of SSL certificates available. The encryption levels are the same for all three, the differences being the verification process for obtaining each and the reflection of the certificate in the browser address bar.
1. DV SSL Certificate (Domain Validated)
Domain Validated SSL Certificates would be enough for a basic website that only collects non-sensitive data via means such as subscriber sign-up forms and contact forms.
The Certificate Authority checks the right of the applicant to use a specific domain name. Company information is not submitted or checked, and only the Secure Site Seal is displayed.
The downside of this type of certificate is that the user cannot be sure who is on the receiving end of the information they are submitting, making this not an ideal certificate for credit card payments or sensitive user information.
DV SSL Certificates are low cost or even free (check out our post on Let’s Encrypt).
2. OV SSL Certificate (Organisation Validated)
Organisation Validated SSL Certificates are one step up in the transparency of who is behind the website. The Certificate Authority checks the right of the applicant to use a specific domain name as well as conducting some vetting of the organisation.
3. EV SSL Certificate (Extended Validation)
Extended Validation SSL Certificates come with your own vanity plate! Just kidding, but they do reflect your organisation’s name alongside the padlock icon, instead of the word ‘Secure’. These certificates are issued through a thorough vetting of the organisation, and bestow the highest amount of authenticity.
Where do I get an SSL certificate?
Luckily for the small business owner, most hosting comes with a free Domain Validated SSL certificate, meaning you have SSL already! Talk to your hosting provider or web developer, or get in contact with us for free advice.