This is the most basic level of SSL validation. The Certification Authority (CA) only ensures that you are the owner of a specific domain using the information contained in the WHOIS. Naturally, this type of certificate enables secure data encryption on your site, but it does not verify that you are the owner of a legitimate business. It is legitimate, and, most importantly, it is a very quick solution to protect your site using HTTPS. Customers seeing the padlock in your browser will have more trust in your site than before, because the padlock is a recognized sign of legitimacy.

A DV certificate is fine where security is not a concern: however, attackers can also use DV-certificates on phishing sites. Unsuspecting users see the trusted padlock and enter their personal data on the site which can then fall into the hands of fraudsters. The fact that the data channel is secured does not necessarily mean that the data will go to the right people. A user needs to be sure that the site belongs to a legitimate company if they are to make a purchase or input important information.