CertSimple will be shutting down on January 30 2020. Read the announcement here.

Do EV certificates provide better encryption than non-EV certificates?

No. The security benefit is matching public keys to identity.

By Mike on 6th March 2015

No, they don't. EV certificates verify a different subject from non-EV certs. That subject is the physical and legal existence of your business, rather than a non-EV certificate which typically is focused on the domain name.

While EV have some higher requirements than DV certs (2048 bit RSA and mandatory Certificate Transparency to protect against compromised CAs) - those are also implementable, but not mandatory, on DV certs.

The encyption strength of a certificate is seperate from the validation process. A typical non-EV certificate shows that someone owns a domain: a DV certificate for https://yourcompany.com only proves you have the domain yourcompany.com, but doesn't actually prove who you are. Someone else could get the DV certificate for https://yourcompany.com.fraud.ru and, seeing as they run fraud.ru and there's no proof of identity either, it would look almost identical.

How can I see the subject difference between an EV cert and a non-EV cert in the browser?

Obviosuly, an EV cert shows the identity with a green bar. But you can also see the full subject. In Chrome, click the green bar (EV) or the lock (non-EV) and then Connections, then Certificate Information.

Here's the subject in a non-EV certificate:

Here's the subject in an EV certificate:

How can I see the subject difference between an EV cert and a non-EV cert on the command line?

openssl x509 -in example.com.crt -noout -text | grep Subject
   Subject: OU=Domain Control Validated, CN=billing.example.com
           DNS:billing.example.com, DNS:www.billing.example.com

openssl x509 -in example.com.crt -noout -text | grep Subject
   Subject: jurisdictionOfIncorporationCountryName=GB/businessCategory=Private Organization/serialNumber=09378892, C=GB, ST=City of London, L=London, O=example Limited, CN=billing.example.com, DNS:billing.example.com, DNS:www.billing.example.com

serialNumber=07875247 is a registered company serial number in the country. In this case, it's a UK certificate, so it matches a Companies House entry where the company was registered with the UK national government.

Mike MacCana, founder at CertSimple.

CertSimple makes EV HTTPS fast and painless.

An EV HTTPS certificate verifies the company behind your website. But getting verified is a slow painful process. CertSimple provides EV HTTPS certificates 40x faster than other vendors. We check your company registration, network details, physical address and flag common errors before you pay us, provide verification steps specific for your company, update in realtime during the process, and even check your infrastructure to help you set up HTTPS securely.
Verify your site now!