Technology

What Is SSL and Why Do You Need It?

SSL Simplified

SSL stands for Secure Socket Layer and is an encryption technology which establishes a secure session between a visitor’s web browser and a secure website, this ensures that any information transmitted during this session is encrypted and secure.

The encryption used by the Secure Sockets Layer turns sensitive information such as credit card numbers, names and addresses into random characters. Only the correct recipient (the one with the encryption key) can decode the messages. If someone else tries to intercept the information, it will appear to be useless.

The encryption key is a mathematical algorithm that is used to encrypt or decrypt information. In the same way that a lock with many different combinations is more difficult to open, the longer the length of the encryption key the more secure the encrypted data is.

How do we know a website is using SSL?

An SSL Certificate is a digital computer file (or a small piece of code) that contains information about the authenticity of the identity of a person, business or website. This information can be viewed by visitors to the website by clicking on the browser padlock symbol or trust seal.

For online retailers and other businesses that use a website to gather sensitive information and need to keep this information secure; an SSL Certificate provides a way to show customers that their personal details and payment information will be kept safe.

For consumers the SSL Certificate is proof that the business they are dealing with is who they say they are, and that they are taking the proper steps to protect customers sensitive information.
By shopping on a site or providing your personal details to a website that has been verified and has an appropriate level SSL certificate, you know you are dealing with a legitimate company and can feel confident engaging in online transactions with the company.

However not all SSL Certificates are created equal. There are a number of different types of SSL Certificates with different levels of encryption and security so it pays to be aware that not all sites offer the same level of protection.

Some of the different types of SSL Certificates include:

Self Signed Certificates: This type of certificate is generated by the website owner and is not issued by a trusted Certificate Authority (CA).

Domain Validated Certificates (DV): A certificate that validates the website domain, rather than the actual company who owns the domain. This is done, by simply sending an ‘Approver E-mail’ this is chosen by the customer and can only be sent to an e-mail address that is either registered on the WHOIS details of a website or a generic e-mail address such as administrator @thedomain.com

Fully Authenticated SSL Certificates or Organization Validated Certificates (OV): OV certificates is when the company is validated, rather than just the domain. The CA runs checks on the company to ensure they are a legal operating company.

Extended Validation (EV) SSL Certificates: Offer the highest industry standard for authentication and provide the best level of customer trust available. When consumers visit a web site secured with an EV SSL certificate, the address bar turns green in high-security web browsers and a special field appears with the name of the legitimate website owner along with the name of the security provider that issued the certificate. More thorough and strict company checks are performed by the CA before an EV SSL certificate can be issued.

With SSL protection, the likelihood of information being stolen is dramatically decreased, it is important for business website owners and customers alike to pay careful attention to SSL certificates and make sure that they are as secure as possible before engaging in online business transactions.