WordPress Security

Which SSL certificates Your Website Really Needs

December 28, 2016

Most websites on the internet show off that green lock in the address bar, telling shoppers that the website is secured and their credit card information is safe.

An SSL certificate is a web standard, and your website should have one – otherwise, your users won’t think you take security seriously.

So, here’s the big question: What’s the difference between a free certificate, a $10 certificate or a $200 certificate?

There is only one difference, and that’s how your website is authenticated. There are three types of authentication.

1) Domain Validation – $0 to $10 per year

Domain Validated SSL

The SSL provider just needs to validate your domain name, and this is usually an automatic process. Usually, the SSL provider just sends a confirmation code to the email which registered the domain name.

The benefits:

– An automatic process which will authenticate you instantaneously.

– It’s cheap, ranging from $0 to $10.

– Provides the green lock, indicating that your user’s data is being encrypted.

The downside:

– Anyone can get this SSL certificate, even fraudulent sites.

2) Organizational Validation – $100 to $200 per year

The SSL provider needs to validate your company using a more manual and time-consuming process. This is a more comprehensive verification method which requires you to send in documentation.

The benefits:

– Provides the green lock, indicating that your user’s data is being encrypted.

– Tells your user’s that your company is real, verified and not fraudulent.

The downside:

– A long and comprehensive verification process

– There is no simple way for your users to know that you went through this comprehensive verification process

– This manual process can take weeks to get your certificate

3) Extended Validation – $200+ per year

Extended Validated SSL

The SSL provider needs to validate your company the same way as Organizational Validation but highlights the high-class certificate on your website by displaying your companies name beside the green lock within your browsers address bar.

The benefits:

– Provides the green lock, indicating that your user’s data is being encrypted.

– Highlights your certificate to everyone directly within the browser.

– Tells your user’s that your company is real, verified and not fraudulent.

The downside:

– A long and comprehensive verification process

– This manual process can take weeks to get your certificate

– Expensive

If you have a simple website which doesn’t ask your users for any personal information, I would recommend getting the cheaper Domain Validation SSL Certificate.

I would recommend staying away from Organizational Validation SSL Certificates because there’s no simple way for your users to know that you went through this comprehensive process to prove you have a real business.

If you have an e-commerce website or any website which asks users for personal information, I would recommend getting the Extended Validation SSL Certificate. It is more expensive, but at least it tells your users that you are a legit company because you had the comprehensive verification.