Extended Validation
Extended Validation Certificates (EV) are a special type of certificate which requires more extensive investigation of the requesting entity by the certificate authority before being issued.
Why Buy Extended Validation?
Most browsers' user interfaces do not clearly differentiate between low-validation certificates and those that have undergone more rigorous vetting. Since any successful SSL connection causes the padlock icon to appear, users are not likely to be aware of whether the website owner has been validated or not. As a result, fraudsters (including phishing websites) have started to use SSL to add perceived credibility to their websites.
By establishing stricter issuing criteria and requiring consistent application of those criteria by all participating CAs, EV SSL certificates are intended to restore confidence among users that a website operator is a legally established business or organization with a verifiable identity.
Issuing Criteria
Only CAs who pass an independent audit as part of their WebTrust (or equivalent) review may offer EV, and all CAs globally must follow the same detailed issuance requirements which aim to:
- Establish the legal identity as well as the operational and physical presence of website owner;
- Establish that the applicant is the domain name owner or has exclusive control over the domain name; and
- Confirm the identity and authority of the individuals acting for the website owner, and that documents pertaining to legal obligations are signed by an authorised officer.
User interface
Browsers with EV support display more information for EV certificates than for previous SSL certificates. Microsoft Internet Explorer 7, Mozilla Firefox 3.5, Safari 3.2, Opera 9.5, and Google Chrome all provide EV support.
The Extended Validation guidelines require participating Certificate Authorities to assign a specific EV identifier, which is registered with the browser vendors who support EV once the Certificate Authority has completed an independent audit and met other criteria. The browser matches the EV identifier in the SSL certificate with the one it has registered for the CA in question: if they match, and the certificate is verified as current, the SSL certificate receives the enhanced EV display in the browser's user interface.
Types of Extended Validation
There are different types of Extended Validation (EV) ranging from: Verisign EV, Comodo EV, Thawte EV and GeoTrust EV. They conduct the same, ir not similar checks, which is the reason they are significantly more expensive then the standard SSL Digital Certificate.
