Wait ...
The Difference Between Standard and Premium SSL Certificates

Posted on January 27, 2019

by Adam Justice

category: Hosting,

An SSL Certificate allows a website to initiate a secure session with browsers so user data that is entered on the website is encrypted before transmission. It changes the protocol from http to https.

For most websites such as blogs it isn’t really necessary, but a standard certificate is recommended for any website that a user enters personal data or creates an account for. Premium extended validation certificates are required for online stores that ask for financial information such as credit card numbers. Virtual terminals for credit card processing require websites have a Premium SSL Certificate if the transaction takes place on site. This is important because directing a customer to a third party website for payment lengthens the sales funnel and affects customer perception.

What Makes a Premium SSL Certificate Better?

The security is functionally the same (usually 256 bit encryption for both certificates), but a Premium certificate requires that a company validate their existence more thoroughly. You will need to confirm your company’s location and phone number by sending the certifying authority a copy of your phone bill with an address, alternatively and sometimes in conjunction with a Professional Opinion Letter written by a lawyer or accountant. The Professional Opinion satisfies most of the requirements for extended validation. The company you purchase your SSL certificate from will have a boilerplate template on file for use. The Thunderbolt Host POL is linked for download below.

The added benefit of a Premium SSL Certificate is that your website address will be appended by a green lock and organization name, ensuring your visitors that your website is authentic and that it represents a real organization.

Capital One Premium SSL Certificate as shown in Google Chrome
Financial websites like Capital One require a Premium SSL Certificate. The company’s official name is shown before the web address, along with the pad lock.

Internet users become more aware of these standards everyday. Browsers have already begun making the lack of an SSL certificate more obvious, and I expect that search engines will either reward websites with an extended SSL certificate or penalize websites without encryption in the future.

A website without an SSL certificate in Google Chrome
Google Chrome prominently displays the words “Not Secure” before the address of a website that does not have an SSL certificate.

If you plan on selling items on your website you will benefit greatly in the long run from purchasing a Premium Extended Validation SSL Certificate and processing payments on site. This may require some business filings with your state, and will definitely require a physical address and Professional Opinion Letter.

If your website represents a company or plans on implementing features that require visitor interaction or sign in, you will need at least a Standard SSL certificate. The standard SSL can be purchased and implemented easily.