Yes, it is true that validation does add accountability and security. However, suggesting that DV certificates are less suitable than EV certificates for handling a certain kind of data is nothing more than misinformation.
The cipher being used and the SSL configuration dictate MUCH more about the security of a site than its level of validation. EV certificates do not guarantee the site isnt using a insecure cipher. EV certificates do not guarantee that the private key was not sent via plain text in an email while a network admin was installing it. So from an encryption standpoint, there is no advantage.
From a authentication standpoint, an EV MAY provide more security but remember: An EV primarily validates the name and location of the relying party. It does not check to see if they are operating ethically or if you are getting ripped off.
I dont think EV is bad, but clamping down on what type of certificates can be used gets tricky. There are very few uses where EV (or OV) certificates should be required.
The cipher being used and the SSL configuration dictate MUCH more about the security of a site than its level of validation. EV certificates do not guarantee the site isnt using a insecure cipher. EV certificates do not guarantee that the private key was not sent via plain text in an email while a network admin was installing it. So from an encryption standpoint, there is no advantage.
From a authentication standpoint, an EV MAY provide more security but remember: An EV primarily validates the name and location of the relying party. It does not check to see if they are operating ethically or if you are getting ripped off.
I dont think EV is bad, but clamping down on what type of certificates can be used gets tricky. There are very few uses where EV (or OV) certificates should be required.