You might have heard a lot of people talking about SSL. So what is it? Well, let us explain it to you.
SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server & browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.
To be able to create an SSL connection a web server requires an SSL Certificate. When you choose to activate SSL on your web server you will be prompted to complete a number of questions about the identity of your website and your company. Your web server then creates two cryptographic keys – a Private Key and a Public Key.
The Public Key does not need to be secret and is placed into a Certificate Signing Request (CSR) – a data file also containing your details. You should then submit the CSR. During the SSL Certificate application process, the Certification Authority will validate your details and issue an SSL Certificate containing your details and allowing you to use SSL. Your web server will match your issued SSL Certificate to your Private Key. Your web server will then be able to establish an encrypted link between the website and your customer’s web browser.
The complexities of the SSL protocol remain invisible to your customers. Instead their browsers provide them with a key indicator to let them know they are currently protected by an SSL encrypted session – the lock icon in the lower right-hand corner, clicking on the lock icon displays your SSL Certificate and the details about it. All SSL Certificates are issued to either companies or legally accountable individuals.
What does an SSL Certificate contain & what are its advantages?
Typically an SSL Certificate will contain your domain name, your company name, your address, your city, your state and your country. It will also contain the expiration date of the Certificate and details of the Certification Authority responsible for the issuance of the Certificate. When a browser connects to a secure site it will retrieve the site’s SSL Certificate and check that it has not expired, it has been issued by a Certification Authority the browser trusts, and that it is being used by the website for which it has been issued. If it fails on any one of these checks the browser will display a warning to the end user letting them know that the site is not secured by SSL.
Advantages of SSL:
- Encrypts Information:
The major purpose of an SSL certificate is to encrypt information so that it can only be read and understood by the intended parties. Information submitted on Internet forms often passes through more than one computer before reaching its final destination, and the more “stops” it has to make, the higher the chance that a third party could obtain access. An SSL certificate inserts random characters into the original information, rendering it incomprehensible to anyone without the proper encryption key. If the information does somehow wind up in the wrong hands, it will be unreadable and therefore useless.
You want to be sure that the information on your website, including customer information, goes to the correct server without being intercepted. When obtaining an SSL certificate, another type of protection called a server certificate is also issued. This certificate acts as a mediator between browsers and SSL servers to show that the SSL certificate provider can be trusted. Customers can view these documents to validate that the SSL certificate of your site is up to date and that the page they’re about to enter information on is really yours and not an imitation.
- For Accepting Payments:
In order to meet Payment Card Industry Compliance, an online business needs an SSL certificate with the proper encryption of at least 128-bit. PCI standards verify that the SSL certificate is from a trusted source, uses the right strength of encryption and provides a private connection on any page that requires customers to enter personal information. Without a certificate that meets these standards, a site won’t be able to take credit card payments.
- Added Brand Power:
Companies that provide SSL certificates often offer site seals and other images that indicate well-trusted encryption is in use. Displaying these branded icons gives customers an added level of assurance that their information is safe as it travels.
- Customer Trust:
All of these elements work together to create trust between a customer and a business. Providing your customers with security for all of their information and giving them ways to verify that security improves confidence and helps to ensure a positive buying experience.
iNFOTYKE works towards making your website secure and helps you to retain the trust which you’ve with your customers. So next time you want to get a website made, you know whom to contact.