EV SSL: A Mighty Armor for the Security of E-commerce Websites

ev ssl encryption

Introduction & History of EV SSL Certificates

SSL certificates were first introduced to maintain the confidentiality of information transmitted between a user and a server. This was done so that no 3rd party could come in between and intercept any of the data transferred. This is done by means of encryption. For example, your password ‘12345’ might be transmitted as ‘ag5^*’. This makes it almost impossible for any invader to see and intercept the data sent by a user. Thus, SSL certificates provide a sense of security and trust to the customers.

For issuing an SSL certificate, the user first needs to validate domain ownership as well as the authenticity of his/her business in some cases. A trusted certificate authority (CA) needs to validate these details before issuing the certificate. The first SSL certificates to be introduced were organization validated (OV) certificates. These certificates were primarily aimed at the website owners who were looking to get an advanced level of protection. As a result, the certificate authorities had to employ a strict validation process. Consequently, this validation process limited access to SSL certificates for anyone but companies and organizations.

There wasn’t any option for small website owners or individual owners who were looking for the basic level of encryption. Domain validated (DV) certificates came into the picture to fill this void. To receive DV certificates, the users just need to validate via file/email based validation. This only takes minutes.

After DV & OV SSL certificates, the certificate authorities sought an even more advanced level of authentication. That is where the Extended Validation (EV) certificate comes in. They come with special visual indicators that differentiate them from the DV & OV SSL certificates. The EV certificates are primarily intended for business websites. That is why the issuance process of an EV SSL certificate has been designed to be rigorous and precise so that the legitimacy of the business can be authenticated without any compromise.

E-commerce & EV SSL Certificates: A Match Made in Heaven

Let’s face it, almost everything is sold on the internet these days. One click and Voila! Your favorite jacket is on its way. It is immensely convenient and beneficial for all the parties involved. Therefore, it’s acceptance is bound to rise even more. E-commerce sales are expected to hit the $4 trillion mark by 2020. But as they say, ‘With Great Power Comes Great Responsibility.’

This rapid rise in the global e-commerce market has also fueled a rise in the number of hacking attempts & fraudulent activities being conducted online. In October 2016, nearly 6000 e-commerce websites got hacked and the credit card details of their customers were sold online. This is dangerous territory and it needs to be treated with extreme caution.

The attacks by cyber perpetrators are inevitable. They do it by penetrating the website servers and trying to steal valuable information sent by the users. That’s why extended validation (EV) SSL certificates are trusted by the world’s top five e-commerce websites.

EV SSL encrypts sensitive data such as login details and credit card details so that no 3rd party can see or tamper with it. A green bar is displayed if the website is protected by an EV SSL Certificate. Believe me, this green bar can do wonders for you and your company. Having an SSL certificate installed on the website helps instill an element of trust in the customer’s mind and encourages them to buy on your site. Thus, they ultimately increase the conversion rate which leads to a rise in a company’s profitability.

Cons of not having EV SSL on an E-commerce Site

If you have an e-commerce platform and don’t have an EV SSL installed on your site, you’re losing it Big.

  • The robust safety & security provided by the EV SSL certificates is a must for any e-commerce platform today. But, you are losing out on a big customer base, too, even if you don’t realize it.
  • Trust is an essential function for any e-commerce business. If a customer doesn’t see a ‘Payment Secured’ option at the payment getaway, the chances of him/her buying from you have just gotten a lot thinner.
  • An SSL certificate not only assists in generating more business, but it also improves your search engine rankings.
  • The world’s largest search engine Google announced that SSL-enabled websites will be given priority compared to non-SSL sites back in 2014.

EV SSL Certificates Comparison

comodocomodoThawtegeotrustSymantec
FeaturesComodo EV SSLComodo EV Multi Domain SSLWeb Server EVTrue BusinessID with EVSecure Site with EV
Price for 1 year$145.99$259.99$149.00$139.00$659.00
Price for 2 years$127.74/yr$227.49/yr$130.00/yr$122.00/yrSymantec$579.00/yr
Multiple year optionsYesYesYesYesSymantecYes
Domains securedSecures WWW & NON-WWW Domain as Single Domain Name (FQDN)Secures WWW & NON-WWW Domain as Single Domain Name (FQDN)Secures WWW & NON-WWW Domain as Single Domain Name (FQDN)Secures WWW & NON-WWW Domain as Single Domain Name (FQDN)Secures WWW & NON-WWW Domain as Single Domain Name (FQDN)
Issuance speed1-5 Days1-5 Days1-5 Days1-5 Days1-5 Days
Validation requiredExtensive Business and Domain ValidationExtensive Business and Domain ValidationDomain and identity authentication and verificationExtensive Business and Domain ValidationExtensive Business and Domain Validation
Notification level in browsersGreen Address Bar + Organization NameGreen Address Bar + Organization NameGreen address bar, domain name, and business name shown on certificateIE7 Green Address Bar + Domain Name and Business Name Shown On CertificateBusiness Name Displayed in Green Address Bar
+
Domain Name and Business Name Shown On Certificate
Encryption strengthUp to 256-bitUp to 256-bitUp to 256-bitUp to 256 BitUp to 256-bit
Browser compatibility99%99%99%99%99%
Includes site seal Comodo Site Seal Comodo Site Seal Thawte Site Seal GeoTrust Site Seal Norton™ Secured Seal
Daily malware scanningNoNoNoNoYes
Free vulnerability assessmentNoNoNoNoYes
ReissueUnlimited – Till Certificate Life spanUnlimited – Till Certificate Life spanUnlimited – Till Certificate Life spanUnlimited – Till Certificate Life spanUnlimited – Till Certificate Life span
Server licenseUnlimitedUnlimitedUnlimitedUnlimitedSingle Server – Additional server licenses Required
Support optionsYesYesYesYesYes
Warranty$1,750,000$1,750,000$1,500,000$1,500,000$1,750,000
Green address barYesYesYesYesYes
Refund policy15 Days15 Days15 Days15 Days15 Days
Read MoreRead MoreRead MoreRead MoreRead More

Conclusion

Without a shadow of a doubt, the curve of the e-commerce industry is going to continue upwards alongside attempts to hack it. Consequently, the importance of EV SSL certificates should not be underestimated.

Customers are becoming more and more aware of their security. A Recent survey conducted by CyberSource showed that 85% of UK online shoppers look for signs indicating that a website is secure. This is a massive number and it shows why one absolutely cannot afford not to have an EV SSL certificate installed on their e-commerce website.

If you have an e-commerce website and don’t have an EV SSL certificate, then go ahead and get one, it’s never too late!!

Important Resources

Author

Welcome to Savvy Security, a blog focused on providing practical cybersecurity advice for website owners and small businesses. Our team brings you the latest news, best practices and tips you can use to protect your business...without a multi-million dollar budget or 24/7 security teams.