Organization Validation (OV)

Authentication Requirements

Organization Validation (OV) SSL Certificates provide a greater level of consumer trust through strict authentication standards than what Domain Validated (DV) SSL Certificates will provide. Organization Validation (OV) verification guidelines require us to obtain and verify multiple pieces of identifying information.

Trustico® Validation Image

Organization Validated SSL Certificate products assist with consumer confidence as they require strict authentication and include an organization name within the SSL Certificate.

During the ordering process you must ensure the organization you specify is an active entity and can be confirmed by the government authority responsible for registering the entity within the specific jurisdiction. An exact match between the organization name specified during the order process and the government authority is required.

Organizational Validated (OV) products require manual verification. When a product requires manual verification, certain requirements must be met and will be stated within the product information pages.

Sample documents that may be required to support the SSL Certificate application are :

- Articles Of Incorporation
- Fictitious Name / Doing Business As Document
- Business Licensing
- Bank Statement
- Merchant Account Statement
- Utility & Telephone Bills

The administrative contact of the order will be contacted for further information if documentation is required.

A verification telephone call with the administrative contact will usually be required before issuance. The telephone number must be publicly listed in an approved telephone directory.

It is recommended that the organization be listed at Dun & Bradstreet as it is one of the world's leading sources of commercial information and insight on businesses - which external companies rely on to make critical business decisions.

Organization Validation (OV) Requirements

If the applicant is an Organization (corporation, government agency, registered business entity, etc.), We will need to verify the identity through one of the following (these may also be used to verify the address if it's included) :

- A government agency in the jurisdiction of the Applicant’s legal creation, existence, or recognition
- A third party database that is periodically updated and considered a Reliable Data Source (Dun & Bradstreet for example)
- A site visit by the CA or a third party who is acting as an agent for the CA; or
- An Attestation Letter.

We may use the following to verify the ADDRESS, provided that identity has been verified as required above :

- Articles of Incorporation (with address)
- Government Issued Business License (with address)
- Copy of a recent company bank statement (you may blacken out the Account Number)
- Copy of a recent company phone bill
- Copy of a recent major utility bill of the company (i.e. power bill, water bill, etc.) or current lease agreement for the company

If the Applicant is an Individual, we must obtain all of the following :

  1. Copy of a valid driver's license or passport of the Applicant
  2. Copy of a recent major utility bill (i.e. power bill, water bill, etc.) or bank statement of the Applicant

If the Driver’s License and Passport does not list any address details or those details do not match with the account, then we will require A. and 2 documents from B.

Please Note : Recent is defined as any documents dated within the last 6 months.

Whois Verification (Registrant Company Name And Address)

It is important to ensure that your Whois registrant information is up-to-date with the most recent information about your company or the person who owns the domain. Whois information is the information that was originally used to purchase your domain.

There are various domain suppliers available and when you purchased a domain, you would have been required to fill out some information either about your organization, yourself or both. This information can come in very handy to speed up the validation process of your SSL Certificate and is always highly recommended to ensure that the information available is up-to-date.

Domain Control Validation (DCV)

The following generic e-mail addresses are currently able to be used :

- admin@yourdomain.com
- administrator@yourdomain.com
- hostmaster@yourdomain.com
- webmaster@yourdomain.com
- postmaster@yourdomain.com

The above addresses are generic addresses. Applicants must choose a generic address to prove that they administer the domain name purchasing the SSL Certificate. If we are able to retrieve the Admin, Registrant, Tech or Zone e-mail addresses from the WHOIS database it can also be used.

Telephone Verification Call

The final step to completing the validation procedure is to verify the applicant who placed the order for the SSL Certificate and the organization. This is completed by the Certificate Authority who will use various agencies available to verify your company.

The phone number must be verified via one of the following :

- Government database (QGIS – Qualified Government Information Source).
- Other third party database (Dun & Bradstreet for example).
- Verified legal opinion or accountant letter.

It is important to ensure that the phone number available in the various agencies that the Certificate Authority may use is up-to-date with the latest phone number your organization uses. It is recommended to provide us with any agency that your organization has been registered with as we can speak with the Certificate Authority to further speed up the validation process.

The most common agency that is used is the Dun & Bradstreet record. If you have a record or a DUNS number, you can provide this to us during the ordering process which will then be used to get the information about your organization and phone number. We can then use this during the validation process to speed up the validation process.

Once the phone number is verified validation staff will call the Applicant to verify the authenticity of the certificate request. Following successful completion of the elements above the certificate will be signed and released.