Web Analytics

DV, OV, IV, and EV Certificates

What’s the Difference Between DV, OV, IV, and EV Certificates?

What’s the Difference Between DV, OV, IV, and EV Certificates?

Although all X.509 certificates use similar methods to assure encryption, authentication, and integrity, they vary significantly in the information they include about the identities that they secure. A useful way to categorize certificates is by the method used by the certificate authority (CA) to validate the subject information included in the certificate:
Domain Validation (DV) is the lowest level of validation, and verifies that whoever requests the certificate controls the domain that it protects.
Organization Validation (OV) verifies the identity of the organization (e.g. a business, nonprofit, or government organization) of the certificate applicant.
Individual Validation (IV) verifies the identity of the individual person requesting the certificate.
Extended Validation (EV), like OV, verifies the identity of an organization. However, EV represents a higher standard of trust than OV and requires more rigorous validation checks to meet the standard of the CA/Browser Forum’s Extend.

Read on to find out how to view certificate information in a web browser, and much more about these validation types:

“Click the Lock” to View Certificate Information in a Web Browser

In modern desktop web browsers, a website secured by a valid, trusted SSL/TLS certificate will display a closed padlock to the left of the website’s URL in the address bar.

Screenshots in this article are of Chrome 84 on Windows 10, but other browsers share a similar UI for examining website certificates. If you’d like to dig deeper into different browsers’ behavior, please check out our article, How can I check if a website is run by a legitimate business?
Clicking the lock in the address bar of your browser will reveal more information about the SSL/TLS certificate of that site

If you want to find out more about the website’s certificate, such as the validation information included, simply click the lock:

Clicking the lock in the address bar of your browser will reveal more information about the SSL/TLS certificate of that site

What is a DV Certificate?

Domain validated or DV certificates are the most common type of SSL/TLS certificate. They are verified using only the domain name. Typically, the CA exchanges confirmation email with an address listed in the domain’s WHOIS record. Alternatively, the CA provides a verification file which the owner places on the website to be protected, or the applicant creates a DNS record verifying control of the comain the CA. Any of these methods confirms that the domain is controlled by the party requesting the certificate. Please see SSL.com’s Domain Validation requirements for information about the DV methods we support.

SSL.com offers the following DV certificates:

What does a DV Certificate look like in a web browser?

After clicking the lock in a web browser on a website with a DV certificate, you will only see that the site has a valid SSL/TLS certificate:

Clicking the lock in the address bar of your browser will show if the website's certificate is still valid or not.

You can dig deeper by viewing the certificate’s Subject field. In Chrome you can do this by clicking Certificate (Valid), then choosing the Details tab and the Subject field. A Domain-Validated (DV) certificate will only the Common Name (CN) field, including the domain name that the certificate protects:

You can click on "details" for more information on a given site's SSL/TLS certificate

OV and IV Certificates

Organization Validated (OV) and Individual Validated (IV) certificates require more validation than DV certificates, but provide more trust. For these types, the CA will verify the actual organization or individual person that is attempting to get the certificate. The organization’s or individual’s name is also listed in the certificate, giving added trust that both the website and its owner are reputable.

OV certificates are often used by corporations, governments and other entities that want to provide an extra layer of confidence to their visitors. Aside from SSL/TLS certificates, OV and IV are also commonly used for code signing, document signing, client authentication, and S/MIME email certificates. For more information, please refer to SSL.com’s OV and IV requirements.

What does an OV or IV Certificate look like in a web browser?

When you click the lock to view certificate information in a web browser, an OV or IV certificate looks the same as a DV certificate; the browser displays that the website has a valid SSL/TLS certificate.

What does an OV certificate look like in Google Chrome?

Digging deeper in Chrome by clicking Certificate (valid), then selecting the Details tab and Subject field you can see that the certificate includes the URL, as well as details about the company running the website. This information was verified by the CA that issued the certificate, so you can have confidence in the identity of the website’s owner.

OV subject information in Chrome
SSL.com’s OV/IV Code Signing certificates are an economical way to protect your code from unauthorized tampering and compromise, and are available for as little as $64.50 per year.


EV Certificates

Extended validation or EV certificates provide the maximum amount of trust to visitors, and also require the most effort by the CA to validate. Per guidelines set by the CA/Browser Forum, extra documentation must be provided to issue an EV certificate (as described in SSL.com’s EV requirements). As with OV, EV lists the company name in the certificate itself. EV certificates may only be issued to businesses and other registered organizations, not to individuals.

An EV code signing certificate is required to sign Windows 10 drivers and provides an instant SmartScreen reputation boost. If you’re not sure which code signing certificate you need, please read this FAQ.

SSL.com offers the following EV certificates:

What does an EV Certificate look like in a web browser?

If you click the lock to view a website’s SSL/TLS certificate and the site is protected with an EV certificate, the name of the website’s owner will be displayed:

What does an EV Certificate look like in a web browser?

As with other validation types, you can dig deeper for more information. In Chrome, click Certificate (Valid), then select the Details tab and Subject field. The information shown about the website’s owner is CA-validated, so you can trust that the entity operating the website is who they claim to be.

EV subject information in Chrome

Need More Information?

DV certificates are common and inexpensive. However, OV, IV, and EV certificates provide users with extra, CA-validated information that they can use to decide if the owner of a website, sender of an email, or digital signatory of executable code or PDF documents is trustworthy. For some types of certificates, these more thorough validation types are required for certificate issuance, such as with Adobe-trusted document signing certificates (OV/IV) or code signing certificates for Windows drivers (EV). The extra information provided in OV, IV, and EV certificates is also a great way for website owners to protect their customers from phishing.

Check out the pages and video shown below for SSL.com’s validation requirements for DV, OV, IV, and EV certificates:

Video: Validation Requirements for OV, IV, and EV Certificates

Thank you for choosing SSL.com! If you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.

Related Articles

Subscribe to SSL.com’s Newsletter

What is SSL/TLS?

Play Video

Subscribe to SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com and stay informed of the latest changes about digital identity and encryption that can impact and enhance your life.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.