A Beginners guide to SSL

No primary category set

Antonio Villas-BoasAntonio Villas-Boas was born in London and now lives in New York City. He is passionate about technology and has recently started his own tech blog, tonyvstech. Since starting his blog, he has been featured in The Tech Block for his article on the upcoming Windows 8 update.

Antonio’s goal is to become a authority in the world of technology and today writes with Symantec to give a beginners guide to SSL Certificates.
 

Symantec SSL CertificatesSSL Certificates: What Are They and Does Your Business Need One?

So you want to set up an e-commerce business, but internet security eludes you. Fear not, small business owner, it’s really not that bad. The best place to start is to obtain an SSL certificate for your website. An SSL (Secure Sockets Layer) certificate is a small piece of code that e-commerce businesses integrate into their websites. A certificate serves two main purposes:

1) SSL certificates reassure customers by verifying and authenticating trustworthy e-commerce businesses

Trust makes all the difference in the world of online business*. With an SSL certificate, customers will be much more comfortable with divulging sensitive information, such as credit card details, on an e-commerce site that has been verified and authorized by a Certificate Authority (CA). Consumers tend to be well aware of the dangers of online scams, so reputable e-commerce businesses use this tool to instill confidence in customers that they are legitimate. Anytime there is a padlock symbol on the very left of a browser’s address bar at an e-commerce site’s checkout page, it is an indication of that business’ authenticity.

PayPal SSL Green URL Bar

For all small e-commerce businesses, this doesn’t mean you should obtain any cheap SSL certificate you find on the web. Scammers can actually obtain certificates from no-name CAs that hand them out indiscriminately, providing victims with a false sense of security. It’s important to obtain a certificate from a trusted CA that follows strict rules and policies to determine who gets a certificate and who doesn’t. Symantec is a good example of a trusted CA, with the added bonus that consumers already associate it with internet security products that they know and trust, such as Norton Anti-Virus.

2) SSL certificates include encryption of sensitive data, such as credit card details

It’s all well and good for a customer to know that an e-commerce business is trustworthy and won’t misuse sensitive information. However, trust alone won’t protect customers’ sensitive information from lurking cybercriminals. Symantec’s SSL certification includes data encryption which scrambles sensitive data using a myriad of complex 128 or 256 bit coding algorithms which can only be decoded by the intended recipients. For a more detailed description of how SSL encryption works, take a look at this video.

Encryption AND authentication provided by an SSL certificate from a trusted CA is the best way to go. Many shopping cart systems, such as www.opencart.com, may provide SSL encryption to protect data, but no authentication to prove a business is legitimate. What good is encrypted data if the intended recipient is a credit card thief?

Does your business need an SSL certificate?

For any e-commerce business that needs to process sensitive customer payment data, there are very few negatives for SSL certification. High quality certificates from trusted CAs are easy to obtain too (if a business is, indeed, legitimate), so the cost is small compared to the added value of customer trust.

No matter how good an e-commerce business’ products or services are, no online consumer should be filling in the credit card box unless they see the SSL certification padlock symbol on the very left of their browser’s address bar. It’s just not worth the risk, and customers who are in the know about online security will be wary of any site that doesn’t provide this service.

As I mentioned above, using a CA that people will recognize, such as Symantec, is your best bet. Not only do they offer varying levels of SSL certification depending on an e-commerce business’ size and needs, they also provide malware scanning to actively defend a website and its customers from cyber-threats.

Does my non e-commerce website or blog need SSL certification?

If you’re just blogging or maintaining a website that doesn’t involve the handling of online payments or other sensitive customer information, you probably don’t need SSL certification. If your business depends on credit card payments, then SSL certification is well worth looking into!

* Symantec Beginner’s Guide to SSL Certificates page 7

2 Responses

  1. I think it is the cost of SSL that is stopping SME to use them. Quite a few getting around it by using secure system like PayPal, Google and now Amazon Payments.

    Consumers are quite relaxed as long as they don’t have to put card information during checkout process with SME which they have not heard of.

RELATED POSTS..

Temu MASA Certification for User Security and Privacy

Temu MASA Certification for User Security and Privacy

TikTok European User Data Security update

TikTok European User Data Security update

Hack4Values Pro Bono bug hunters for NGOs & nonprofits

Hack4Values Pro Bono bug hunters for NGOs & nonprofits

TikTok Project Clover to safeguard UK EEA User Data

TikTok Project Clover to safeguard UK EEA User Data

Amazon-Secure-Delivery-One-Time-Password-shutterstock_2186082053

Amazon Secure Delivery (One-Time Password)

ChannelX Guide...

Featured in this article from the ChannelX Guide – companies that can help you grow and manage your business.

Register for Newsletter

Receive 5 newsletters per week

Gain access to all research

Be notified of upcoming events and webinars