Padlocks
Finding the right lock to showcase on your website isn’t always easy, but you can count on us to narrow down which is right for you!

A few days ago, we talked about the importance of having an SSL certificate before Chrome 68 starts publicly shaming unsecured websites in July. If you’ve been by our store since then to secure your website, you’ve also probably noticed we offer two different types of SSL certificates: Standard or Premium.

You’ve probably also noticed one commands a higher price tag than the other, and may not know what the big deal is. Don’t worry, you’re definitely not alone in this. We’re going to take some time to lay out what each certificate brings to your customers’ experience.

Here are the areas we’ll be discussing for comparison:

• Data encryption for logins, credit cards, contact forms, etc.
• Types of validations each certificate proves
• Protection visibility in your customers’ internet browsers
• The ease of installation for each type of certificate
• Google Search Engine Optimization (SEO) boost capability

Each type of certificate has its own pros and cons, and not every business needs to shell out for a more expensive Extended Validation (EV) certificate to inspire consumer and visitor trust in their business or organization website. Ready to see if yours is one of the ones that does? Excellent, let’s dive right in then!

Does one type of SSL provide better data encryption than another? Answer: No

Google has pushed the HTTPS Everywhere initiative in order to help facilitate a safer browsing experience for everyone who uses the Internet. While there are different types of encryption (2048 vs 4096), both are still perfectly suited to protecting any information that is submitted through a website, and will be for the foreseeable future.

Both Standard and Premium EV SSLs we sell come with 2048 bit encryption from a recognized Certificate Authority (CA). What this means for you is that both types of certificates will protect any data submitted through your website.

You don’t have to worry about potential breaches as the few CAs that are out there have undergone rigorous reviews to ensure their SSLs are up to the task and able to gain the trust of internet browsers. Some CAs (including the one we use) also require additional validation before being issued.

Which SSL certificate requires more validation to be issued? Answer: Premium EV

All SSL certificates we sell require you to verify you own the domain (or subdomain) that you are attempting to issue the SSL certificate for. If your domain is in the same account as your SSL, this is usually done automatically. If your domain is not in the same account, you usually have to add a DNS record for validation.

Premium EV SSLs take this several steps further. In addition to domain validation, they validate the name of your business or organization, as well as current contact information and other details about your business.

This is a great way to showcase business legitimacy, which comes into play for several different types of businesses. The most common ones this matters for are commerce-based websites (especially those that allow credit cards to be taken right on the site), financial institutions like banks, and larger companies that would be at risk for impersonation.

But how can your customers see that you’ve gone through this rigorous process to earn their trust? We’re glad you asked.

Which type of SSL certificate is easier to identify in an internet browser? Answer: Premium EV

Most internet browsers will show a Standard SSL certificate subtly in the address bar. These will be identified by the use of “https” and either a padlock icon (for sites that have made sure all their content links using “https” or a warning icon if some elements like pictures are still using “http” to link.

Premium EV SSLs do not dabble in subtlety.

A big green bar will take up the first section of the address bar when you visit a website that has a Premium EV SSL certificate in many browsers. This bar comes complete with a green padlock icon, as well as the name of the business or organization that the certificate was issued to.

The eye is naturally drawn to that area because this is generally the only time there is going to be such a drastic color change in that area of anyone’s internet browser, so most people are going to notice this when it comes up. Some browsers simply use green text for the business name, which will often have the same effect.

Take a moment to go to Mozilla’s website and see how it looks compared to Wikipedia. Pretty big difference, right?

Which SSL certificate is easier to install on my website? Answer: Standard

We’ve covered the major selling points of Premium EV SSLs, but they come at a couple of different prices.

The first is quite literal: direct cost. Standard SSL certificate installation is generally very straightforward. It doesn’t require tons of verification, paperwork, or effort if you’re familiar with the general installation process (and even less if you take advantage of the automatic installation for hosting plans on the same account).

Premium SSLs come at a higher price point because they typically take more labor on the issuer’s side to verify, and also come with a much higher warranty for your customers. This warranty exists so if the unthinkable happen and either a certificate is issued to the wrong company or your customers suffer financial loss through a breach in your site’s SSL, you have some recourse to reimburse them.

The warranty element is not terribly relevant in most cases, however, as a CA that allows either scenario to happen usually suffers enough of a financial blow that they do not remain one afterward. Take some time to look into a company called DigiNotar and you’ll see what we mean very quickly.

The second price you’ll pay is in time. Installing a Premium EV SSL can take as long as 30 days in extreme cases. While you do have access to a Standard SSL while verifying your Premium EV certificate, this is a long time to wait, and requires a lot of extra work when you factor in multiple validations and SSL installations.

While this is more than worth it for many larger companies and storefronts that directly handle payments, informational websites for small and medium businesses usually don’t need to go through this. Standard SSLs issue very quickly and can fully install on a server within 72 hours after they are issued (and it’s very rare for this process to take the full amount of time).

Does the type of SSL I use have a different impact on my SEO? Answer: Not significantly

Trust is definitely an important element when it comes to SEO rankings, especially with Google. With that in mind, it stands to reason that an EV SSL is going to deliver a stronger improvement to your website’s SEO, right?

That hasn’t been our experience to this point. While there isn’t a lot of comprehensive data out there on this, this is a perfect example of Google telling us just enough information without giving up an important part of their ranking algorithm.

HTTPS Everywhere cares primarily about your site being secured – nowhere in Google’s announcements or discussions do they say one type of certificate is better than another, and with most CAs building domain verification into the issuing process, there’s a measure of trust baked into Standard SSLs like ours right off the bat.

Additionally, it is worth noting that an SSL is not a substitute for elements like good written content, regular website updates, and optimization for fast load times. Its importance as a ranking signal is a ways down the list of things you need to focus on first.

This doesn’t mean you shouldn’t implement this from the inception of your website (because you should), but you also need to ensure the more important elements of your website are in line as well, both in the design process and as you maintain and update it.

In short, while it would make sense for Premium EV SSLs to provide a bigger boost than a Standard SSL, there isn’t data to support this, and even if there were, your funds are better invested in different types of website security or elsewhere in your business.

Where can I get help installing my SSL certificate?

In addition to including Standard SSLs as part of our website design service, you can also hire us to manually install a Standard or Premium SSL you purchase through our store. Give us a call at 319-229-5225 so we can go over the type of hosting you use and discuss your installation options!

Braden Gardner

Braden is one of the founders of Midwest Websites, and has been professionally writing and developing websites for over 6 years. His blog posts often take an experience from his life and showcase lessons from it to help you maximize online presence for your business.