Actually anyone could use the cheap secure server certificate from equifax, thawte, or verisign but every time someone visits your site and it pops up it will come up with a warning in the customers browser that this cert does not match the site, see when you order the certificate they put it to a exact url like http://www.yourdomain.com
, anytime someone broswes a site and accesses a secure area using that secure certificate it has to match http://www.yourdomain.com
The more expensive * certificate allows you to use any site with *.yourdomain.com like billy.yourdomain.com or suie.yourdomain.com so you could in essence assign each customer their own subdomain url and that way they wouldnt get the pop up box in their browser.
So to make a long story short yes you will need the more exp. * certificate.