SSL certificates can sound scary, even more so when referred to by their full name: Secure Sockets Layer Certificate.
Add misinformation and confusing guides and you can end up with a spinning head and little in the way of guidance. So, we ditch the technobabble and provide a super-easy-to-understand guide to what SSL certificates are and why, if you’re the owner of an online shop, you may really need one.
SSL certificates are simple and are an important way of making your customers feel safe whilst shopping online with you, as well as their payments being protected by technology.
They’re superfast to install – in the majority of instances in minutes.
SSL can be thought of as a set process for both securing and protecting data that is sent from one place to another – and it needn’t merely be for financial transactions only either, going on to include sensitive data such as your customer’s name, address and date of birth.
SSL works alongside encryption (which is a fancy word for a scrambled message) to help keep the movement of this data private and protected. Whenever a message is sent to a website using SSL it passes a checkpoint which effectively decides whether that message is all-in tact and completely unaffected by potential interference.
You probably use SSL every day – on sites such as Facebook, Amazon and Twitter. When SSL works in the background your activity is silently protected from cybercriminals who may otherwise be listening in on your messages and communications or, perhaps most seriously, stealing your financial information when buying online.
Working out whether a website uses SSL is easy. Simply look for either a lock symbol by the address in the browser bar, or a web address that begins with https rather than http.
Google have added a ‘lightweight ranking signal’ to websites featuring SSL, meaning there’s a search result position boost to those opting to secure their website.
After all of the above it seems straightforward to assume an SSL certificate would be needed by any and every form of online store. However this may not be the case if you don’t actually capture or store sensitive data. When does this apply?
Well, in the majority of such instances it is where an offsite payment processor is in place (such as PayPal); these guys actually capture and store the sensitive data for you, and it’s their job to ensure that the data is secure.
If you use an offsite payment service, you may still require customers to create an account or login details. Of course this data is far from complete card numbers and account details, nevertheless it can provide cybercriminals with all they need to gain access to their accounts.