Extended Validation (EV) SSL Certificates:  where the Certification Authority checks the right of the applicant to use a specific domain name PLUS it conducts a THOROUGH vetting of the organisation.   The issuance process of EV Certificates is strictly defined in the EV Guidelines, as formally ratified by the CA/Browser forum in 2007, that specify all the steps required for a Certification Authority (CA) before issuing a certificate, and includes:

• Verifying the legal, physical and operational existence of the entity
• Verifying that the identity of the entity matches official records
• Verifying that the entity has exclusive right to use the domain specified in the EV Certificate
• Verifying that the entity has properly authorized the issuance of the EV Certificate

EV Certificates are available for all types of businesses, including government entities and both incorporated and unincorporated businesses. A second set of guidelines, the EV Audit Guidelines, specify the criteria under which a CA needs to be successfully audited before issuing EV Certificates. The audits are repeated yearly to ensure the integrity of the issuance process.

The Certificate application process itself is more thorough and the validation criteria more rigorous for EV certification, whose applicants, at least initially, are limited to certain types of business entities and government agencies. Among the new features of EV SSL Certificates is the color-coding of the Web browser's address bar to signal secure connections. The browser navigation window turns green to indicate an authentically validated site with an Extended Validation SSL Certificate, full website security, and encryption in place, and turns red when it encounters a known phishing or otherwise untrustworthy site.

At present, all businesses should consider trying to upgrade to EV SSL Certificates, assuming that they meet the validation requirements, since the EV SSL Certificate offers the greatest level of website security on the SSL Certificate market today.