EV SSL Certificates Example Paypal.com

EV SSL Validates Trust

By establishing stricter issuing criteria and requiring consistent application of those criteria by all participating Certificate Authorities, EV SSL certificates are intended to restore confidence among users that a website operator is a legally established business or organization with a verifiable identity.

An important motivation for using digital certificates with SSL was to add trust to online transactions by requiring website operators to undergo vetting with a certificate authority (CA) in order to get an SSL certificate. However, commercial pressures have led some CAs to introduce “domain validation onlySSL certificates for which minimal verification is performed of the details in the certificate.

Most browsers’ user interfaces did not clearly differentiate between low-validation certificates and those that have undergone more rigorous vetting. Since any successful SSL connection causes the padlock icon to appear, users are not likely to be aware of whether the website owner has been validated or not. As a result, fraudsters (including phishing websites) have started to use SSL to add perceived credibility to their websites.

That said, there is still the concern that the same lack of accountability that led to the loss of public confidence in ordinary certificates, will lead to lax certification practices that will erode the value of EV certificates as well.