What can be verified by SSL certificates (what is the key difference of SSL certificates)?
Some certificates can only verify registrant rights (i.e., validate domain). These are DV (Domain Validation) certificates.
DV certificates confirm that the user is indeed seeing the website which address is shown in address bar (i.e., that the user was not redirected to a malicious fake website). But DV certificates do not contain information on the website's owner, because certificate buyers do not have to provide documents confirming their identity.
Therefore, certificate owners can be masquerading as someone else.
Thus DV certificates might be used by fraudsters to create fake web resources.
DV certificates are entry-level SSL certificates.
Certificates can confirm domain ownership and existence of the entity owning it (i.e., validate both domain and it owner). These are OV (Organization Validation) certificates.
OV certificates confirm that the user is indeed seeing the website which address is shown in address bar (i.e., that the user was not redirected to a malicious fake website) and show the website's owner. In order to get such a certificate, certificate buyers have to provide documents confirming their identity.
A special type of certificates validating both domain and it owner are issued only after extended validation of buyers, thus ruling out the possibility that the buyers provide fake data to get certificates.
These are EV (Extended Validation) certificates. Users see a green address bar when visiting websites with EV certificates, which is recognized by consumers as a hallmark of security.