Extended Validation

The Extended Validation (EV) SSL Certificate is the best choice if you want to build customer relationships based on security and trust. This certificate is issued only after the Certificate Authority (CA) performed an extensive verification of your company and its owner, confirming that your business is trustworthy. The validation process can take a few business days. But if you keep your company’s records up to date, the Extended Validation SSL certificate will be issued quickly, confirming that your company owns the website.

This type of SSL certificate significantly enhances the trust level of your website. Extended Validation certificates are highly effective in providing protection against phishing attacks. By displaying the well-known green address bar, your clients feel safer while performing transactions, and this fact will definitely boost your conversions. This is why Extended Validation certificates are considered the most reputable SSL Certificates for your website.

Any business that is officially registered with a government authority can qualify for an Extended Validated SSL Certificate. This certificate is issued only after the Certificate Authority (CA) performed an extensive verification of your company and its owner, confirming that your business is trustworthy.

In order to have the Green Address Bar on your website, you have to purchase an Extended Validated (EV) SSL Certificate. We offer EV SSL certificates for different purposes, assuring different levels of security. You can find the whole list of EV certificates issued by 4 global leaders Internet Security at this link.

ev2ev1You can check if you have an Extended Validation SSL Certificate by looking at the attributes of your SSL Certificate. Please open the two screenshots on the right in order to see where you can find the information about the validation type of your SSL Certificate.

Different SSL Certificate brands have different Extended Validation procedures. Please read the section that applies to your SSL Certificate brand below.

Comodo

You need to provide information about your company and your company’s phone number as a part of the Extended Validation. There are two things that you need to do:

1) Kindly download the following two forms:
– EV Certificate Request Form
EV SSL Subscriber Agreement
Both these documents are in PDF format. Please fill them in and sign them. You will need to provide them to Comodo Validation Center, in order to pass the Extended Validation process.

2) Please validate your phone number. There are three ways to do that. You don’t have to do all three things from below. Doing just one of them will be enough.

2.1) The first way is to provide your DUNS number to Comodo. You can get your company’s DUNS number from this website: https://www.dandb.com/. If Comodo gets back to you and says that your DUNS listing does not contain a phone number, then you need to contact Dun & Bradstreet (at https://www.dandb.com/) and ask them to “add your company’s phone number to their business directory and on the report”.

2.2) If you don’t have a DUNS number, then the other thing you can do is to provide your company’s registration number for Comodo to check your company with your country’s governmental directories (e.g.: Corporation Division, Companies House, Department of State, etc). Please note that Comodo will be looking to see your company’s phone number listed there as well. Not all governmental directories have the companies’ phone numbers. If the governmental directory allows you to call them, email them, or use their website to add your phone number, then please go ahead and do that.

2.3) If the above two options (2.1 and 2.2) don’t work for you, then the third and last option to validate your phone number is to ask a CPA (Certified Public Accountant), or a Latin Notary, or an Attorney (Lawyer) to write, sign and send a letter to Comodo where they confirm your company name, address and phone number. You can find the sample letters below:
– Sample Accountant Letter
– Sample Legal Opinion Letter

partner-order-idPlease provide the forms described in point 1, and any of the forms from points 2.1, 2.2, or 2.3 by contacting Comodo at https://www.comodoca.com/en-us/support/. Click on “Submit a ticket here”, select Validation Department and submit your request. Please mention your “Partner Order ID” in your message.  You can find your “Partner Order ID” on the details page of your SSL Certificate inside your SSL Dragon account. See screenshot on the right.

If you do not hear from Comodo in the next 3 days after you email them the information from above, then please call +1 (888) 266-6361 (Ext 4) to check the status of your SSL Certificate with Comodo. When you talk to them, you will need to provide them your “Partner Order ID”.

Thawte, GeoTrust, Symantec/VeriSign

If you bought an Extended Validation SSL Certificate with Thawte, GeoTrust, Symantec/VeriSign, then the certificate authority will work on validating the legal existence of your company via local public databases, as a part of the Extended Validation process. This may take between 1-3 working days. Please wait until one of the certificate authority representatives contacts you about any additional information that they may need you to provide them.

partner-order-idIf you do not hear from the Certificate Authority representatives in the 5-7 days, then please call +1 (520) 477-3152 (Ext 2) to check the status of your SSL Certificate with the Certificate Authority. Please note that Thawte, GeoTrust, Symantec/VeriSign are all owned by Symanec, and they all have the same phone number provided above.  When you talk to them, you will need to provide the “Partner Order ID”, which you can find on the details page of your SSL Certificate inside your SSL Dragon account. See screenshot on the right.

The validation time of an SSL depends on the type of certificate you chose to buy.

Domain Validated certificates are issued within 3-5 minutes in 99% of the cases. Only when an SSL Certificate is requested for a domain name that contains a trademark or a brand name, then those SSL Certificates may pass brand validation, and can take up to a business day to be issued.

Business Validated certificates are usually issued within 1-3 business days.

Extended Validated certificates can take between 1-7 business days to be issued. The Certificate Authority does its part of the work very quickly. If all the information is provided to the Certificate Authority quickly and correctly, then the Certificate Authority can issue the EV certificate within 1 business day. We’ve seen situations when the EV Certificate was issued within a few hours. The 1-7 days period depends on how quickly the customer provides the required information to the Certificate Authority, and how quickly the customer responds to the Certificate Authority’s potential requests for additional information.

By doing the Validation process, the Certificate Authority’s is trying to confirm that you are the owner of the domain, and that the company that you are requesting a Business Validation or Extended Validation certificate for is active. That is why it is important that you keep your company’s records (address and phone number) up to date and you promptly respond to the Certificate Authority’s requests.

bv2bv1You can check whether your SSL Certificate requires Domain Validation, Business Validation or Extended Validation by looking at the attributes of your SSL Certificate. Please open the two screenshots on the right in order to see where you can find the information about the validation type of your SSL Certificate.

 

You have to pass the Extended Validation when you buy a new EV SSL Certificate.

If you buy your EV SSL Certificate for 1 year, then your certificate will be valid for 1 year, and you will have to pass the Extended Validation again in 1 years when you request a new EV SSL Certificate. If you buy your EV SSL Certificate for 2 years, then your certificate will be valid for 2 years, and you will have to pass the Extended Validation again in 2 years when you request a new EV SSL Certificate.

At the same time, the process of completing the Extended Validation is easier the following years, so as the Certificate Authority has more information about your company in their system, based on your previous EV SSL Certificates requests.

There are two options of what an EV SSL Certificate can display in the address bar:
1) The company name only, for example: GPI Holding, LLC [US]
2) DBA (Doing Business As) and the company name, for example: SSL Dragon (GPI Holding, LLC) [US]

Certificate Authorities do not allow customers to display only the DBA in the address bar. Such requests came from many customers over the years, and Certificate Authorities never approved them.

Some Certificate Authorities (especially Comodo and Symantec) may ask you to update or add your phone number to your company’s DUNS listing, as a part of your Business or Extended Validation process.

After you have contacted Dun & Bradstreet and added your phone number to your company’s DUNS listing, it may take between 5 and 40 days for Dun & Bradstreet to make your DUNS listing update available to the public. When you talk to Dun & Bradstreet over the phone, they may tell you that they added or updated your phone number. However, they only initiated process. Your phone number will appear on the Dun & Bradstreet website (https://www.dandb.com/) in about 5 to 40 days after that.

You will know that your DUNS listing has been truly updated, only when you get an email message from Dun & Bradstreet saying that your DUNS profile has been updated successfully. Your phone number will start appearing on your DUNS listing only after you get this email from them. Also, Certificates Authorities (such as Comodo and Symantec) can verify your phone number based on your DUNS listing only when your phone number is publicly available. That’s why, you or we should contact the Certificate Authority requesting them to check your DUNS listing only after you get that confirmation by email.

In the past, we asked the Validation Department representatives from Comodo and Symantec to contact Dun & Bradstreet directly, and check our customer’s phone number with Dun & Bradstreet. We did that after our customers told us that they added or updated their phone number on their DUNS listing. Each time, Comodo and Symantec were told by the Dun & Bradstreet representatives that our customers’ DUNS listing update is “in progress” and “has not been completed yet”, and were advised to get back to Dun & Bradstreet when the customers receive an email message from Dun & Bradstreet which confirms them that their DUNS listing was updated.

If 5-40 days is too much to wait, we recommend you to go with other methods of validating your company and phone number, such as providing a legal letter written by a notary, an attorney, or a certified public accountant. This method will allow you to pass the Business or Extended Validation within 1-2 days.

EV SSL Certificates issued by GeoTrust, Thawte and Symantec have a quicker and easier Extended Validation process compared to those issued by Comodo.

With GeoTrust, Thawte and Symantec, the Certificate Authority does most of the company validation process all by itself, and in rare cases requires the customers to provide additional information and legal letters signed by a notary, certified public accountant, or an attorney.

On the other side, Comodo relies a lot on the customer to provide all the information about his/her company, as well as updating the company’s DUNS listing (on the Dun & Bradstreet website) and providing legal letters signed by a notary, a certified public accountant, or an attorney.

You can read what the Extended Validation process with these different brands consists of at this link.

To add your Company Name and TAX/VAT number, you have to login into your SSL Dragon Account and follow these steps:

  1. Click on the “Hello, *Your Name*” button on the right top side of your account dashboard and select “Edit Account Settings”;
  2. On the ‘My Details’ page, you will find the ‘Company Name’ and ‘Company TAX/VAT ID’ field;
  3. Fill in these fields with the necessary information then click on ’Save Changes’. 

After you perform the above steps, your SSL Dragon account and all your invoices will be automatically updated with this information.

SaveSave

If you are still wondering what are the main benefits of each validation type (Domain Validation (DV), Business Validation (BV), and Extended Validation (EV)) and why you should choose one vs. another, then this is the right FAQ for you. Each of these SSL Certificate types was created having in mind a certain customer trust level:

  • BasicDomain Validation SSL Certificates – created for customers who aren’t interested in showing their company name and address in the SSL Certificate – either because they don’t need/want to or simply because they just don’t have a company. They only need to get the SSL Certificate very quickly in order to secure their domain name with HTTPS and have all web and mobile browsers display their website as “Secure”.
  • MediumBusiness Validation SSL Certificates – designed for clients who want to display their company’s name in their SSL Certificate’s details in order to ensure their customers that their business is real and trustworthy. BV SSL Certificates also allows you to display on your website a site seal provided by the third party Certificate Authority which proves that your SSL Certificate was issued to your company’s name and address.
  • Top Extended Validation SSL Certificates   developed for clients for whom users’ trust is highly important and they want to have a green address/URL bar that displays the company’s name on all web and mobile browsers (along with making this information visible in the SSL Certificate’s details). EV SSL Certificates also provide the site seal which proves that your SSL Certificate was issued to your website, company’s name and address but these certificates have the topmost trust level because they show your customers, prospectors, and visitors that your website is highly secure and that their information is always protected.

Now that you know the main differences between Domain Validation (DV), Business Validation (BV), and Extended Validation (EV) SSL Certificates, it should be much easier for you choose the one that fits you the best.