Padlocks
Finding the right lock to showcase on your website isn’t always easy, but you can count on us to narrow down which is right for you!

During an earlier post, we talked about Chrome’s move to start publicly shaming websites without an SSL certificate in July 2018. For those who have not read this post yet and are unfamiliar with what an SSL certificate is, take a moment to look it over before reading this post, as you’ll need the background to follow along here.

If you’ve been by our store at any point to secure your own website, you’ve probably noticed we offer two different types of SSL certificates: Standard and Premium. You’ve probably also wondered why one commands a higher price tag than the other, and may not know what the big deal is.

Don’t worry, you’re definitely not alone in this. We’re going to take some time to lay out what each certificate brings to your customers’ experience. Here are the areas we’ll be discussing for comparison:

  • Data encryption for logins, credit cards, contact forms, etc.
  • Types of validations each certificate proves
  • Protection visibility in your customers’ internet browsers
  • The ease of installation for each type of certificate
  • Google Search Engine Optimization (SEO) boost capability

Each type of certificate has its own pros and cons, and not every business needs to shell out for a more expensive Premium Extended Validation (EV) certificate to inspire consumer and visitor trust in their business or organization website. Ready to see if yours is one of the ones that does? Excellent, let’s dive right in then!

Does one type of SSL provide better data encryption? Answer: No

Google has been pushing the HTTPS Everywhere initiative for years in order to help facilitate a safer browsing experience for everyone who uses the Internet. From little benefits in SEO to active warnings in Chrome, the pressure has on webmasters has slowly been mounting. So how do you secure a website? You’ll begin by finding a Certificate Authority (CA).

Chrome SSL CA error
This is an example of what your customers might see in Chrome if they try to access a website that is using a self-signed SSL.

CAs are essentially organizations who have been vetted and approved as trustworthy entities to issue SSL certificates. No browser is going to bat an eye at a properly installed SSL from one of these providers. The most common alternative is to issue self-signed SSLs for your needs. While you can typically issue these SSLs at no charge using a web hosting server, there are two primary issues that make this shortcut a danger to your online presence:

  • A risk of weaker encryption (your hosting provider or server admin can offer insight on this)
  • A very high risk of warnings popping up for visitors accessing your “secured” website

While encryption from CAs can also vary like self-signed SSLs (2048-bit vs 4096-bit), both of these are still perfectly suited to protecting any information that is submitted through a website, and will be for the foreseeable future. Anything less from a self-signed is better than nothing, but isn’t an adequate security option no matter how you slice it.

You’ll find this especially true once you factor in the fact that security warnings from self-signed SSLs will almost always occur before someone can even access your website, costing you far more business than the money you saved by not securing your site correctly with a CA.

Fortunately, both the Standard and Premium EV SSLs we sell come with 2048 bit encryption from a recognized CA (Starfield Technologies). What this means for you is that both types of certificates will protect any data submitted through your website, ensuring you get the security you and your customers deserve while on your website.

Which type of SSL requires more validation to be issued? Answer: Premium EV

All SSL certificates we sell require you to verify you own the domain (or subdomain) that you are attempting to issue the SSL certificate for. If your domain exists in the same account as your SSL, this is often done automatically. If your domain is not in the same account, you usually have to add a DNS record for validation.

Premium EV SSLs take this several steps further. In addition to domain validation, they validate the name of your business or organization, as well as current contact information and other details about your business. You may have to call, mail, and/or fax these details into your CA.

While this is admittedly a lot more work than you’d go through for a Standard SSL, a Premium EV SSL is a great way to showcase your business legitimacy, which comes into play for several different types of companies. The most common ones this matters for are commerce-based websites (especially those that allow credit card details to be taken right on the site), financial institutions like banks, and larger companies that would be at high risk for impersonation.

But how do you show your customers that you’ve gone through this rigorous process to earn their trust? We’re glad you asked.

Is one type of SSL certificate easier to identify in an internet browser? Answer: Premium EV

Most internet browsers will show a Standard SSL certificate subtly in the address bar. You can identify their presence by the use of “https” and either a padlock icon (for sites that have verified that all their content links using “https” or a warning icon if some elements like pictures are still using “http” to link.

Premium EV SSLs do not dabble in subtlety.

Premium EV address bar
Here’s what a site with a Premium EV SSL looks like in Firefox. Rather than using a green bar, you’ll note that bright green text is used instead.

A big green bar will often take up the first section of the address bar when you visit a website that has a Premium EV SSL certificate in many browsers. This bar comes complete with a green padlock icon, as well as the name of the business or organization that the certificate was issued to.

Your eye is often naturally drawn to that area because this is one of the the only times there is going to be such a drastic color change in that section of an internet browser, so most people are going to notice when it comes up. Some browsers simply use green text for the business name, which will usually have the same effect.

Take a moment to go to U.S. Bank’s website and see how it looks in your address bar compared to Wikipedia. Pretty big difference, right?

Which SSL certificate is easier to install on my website? Answer: Standard

We’ve covered the major selling points of Premium EV SSLs, but they come at a couple of different prices.

The first is quite literal: direct cost. Standard SSL certificate installation is generally very straightforward. It doesn’t require tons of verification, paperwork, or effort if you’re familiar with the installation process (and even less if you take advantage of the automatic installation we offer for primary domains of web hosting plans on the same account).

Premium SSLs come at a higher price point because they typically take more labor on the issuer’s side to verify, and also come with a much higher warranty for your customers. This warranty exists so if the unthinkable happens and either a certificate is issued to the wrong company or your customers suffer financial loss through a breach in your site’s SSL, you have some recourse to reimburse them.

That said, the warranty element is not terribly relevant in most cases, as a CA that allows either scenario to happen usually suffers enough of a financial blow that they do not remain one afterward. Take some time to look into a company called DigiNotar and you’ll see what we mean very quickly.

The second price you’ll pay is in time. Installing a Premium EV SSL can take as long as 30 days in extreme cases. While you do have access to a Standard SSL during the verification of your Premium EV certificate, this is a long time to wait and requires a lot of extra work (notably the multiple validations and SSL installations required for this process).

This is more than worth it for many larger companies and storefronts that directly handle payments, but informational websites for small and medium businesses usually don’t receive much benefit by enduring these extra steps. Standard SSLs usually issue very quickly and can be fully installed and active on a server within hours (and sometimes minutes) of their issuing. We’ve also got a handy guide for how to take care of SSL installation manually, as well as the below videos.

Does the type of SSL I use have a different impact on my SEO? Answer: Not significantly, if at all

Trust is definitely an important element when it comes to SEO rankings, especially with Google. With that in mind, you might think it stands to reason that a Premium EV SSL is going to deliver a stronger improvement to your website’s SEO, right?

That hasn’t been our experience to this point. While there isn’t a lot of comprehensive data out there on this particular ranking signal, this is a perfect example of Google telling us just enough information without giving up an important part of their SEO algorithm.

HTTPS Everywhere cares primarily about your site being secured – nowhere in Google’s announcements or discussions do they say one type of certificate is better than another, and with most CAs building domain verification into the issuing process, there’s a measure of trust baked into both Standard and Premium EV SSLs right off the bat.

Additionally, it is worth noting that an SSL is not a substitute for elements like good written content, regular website updates, and hosting/on-site optimization for fast load times. Its importance as a ranking signal is a ways down the list of things you need to focus on first.

This doesn’t mean you shouldn’t implement an SSL from the inception of your website (because you should), but it does mean you also need to ensure the more important elements of your website are in line as well, both in the design process and as you maintain/update it.

In short, while it would make sense for Premium EV SSLs to provide a bigger boost than a Standard SSL, there isn’t data to support this idea currently, and even if there were, your funds are better invested in additional website security or elsewhere in your business.

Where can I get help installing my SSL certificate?

In addition to including Standard SSLs as part of our website design service, you can also hire us to manually install a Standard or Premium SSL you purchase through our store. Give us a call at 319-229-5225 so we can go over the type of hosting you use and discuss your installation options!