By now most people understand the “secure” indicator to the left of the address. This lock icon shows you the website you are using has a valid SSL certificate and protects your data. You can safely transfer sensitive information (such as your name, date of birth, etc.) and complete transactions using credit card or bank account information. The other way to tell a site is secure is if the address starts with https vs. http. Sites with valid SSL Certificates will be using https:// protocol instead of http://.
SSL stands for Secure Sockets Layer. It’s often referred to as SSL, TLS/SSL (Transport Layer Security), or simply https.
SSL is the standard way websites protect online transactions and sensitive information transfers. It’s the security technology for establishing an encrypted link between a web server and a browser1.
Web servers are issued SSL Certificates which allow the secure connection to take place. The SSL encrypted link keeps all the data you enter private as it passes between your browser and a website’s server.
Why is SSL so important?
Without an SSL certificate, your data can be intercepted on its way up to the web server. Anything you enter is potentially exposed to would-be hackers along the way. You should never enter credit card or other sensitive information to a website if you don’t see the secure lock icon and https:// at the beginning of the website’s address.
This post on SSL Shopper talks more about the process and how your data stays secure when you make an online purchase: Why SSL? The Purpose of using SSL Certificates2.
If you accept credit card payments on your website, you need to follow Payment Card Industry Data Security Standard (PCI DSS) requirements. Having an SSL Certificate is mandatory for PCI compliance.
PCI Compliance is a complex and ongoing process involving validation levels, compliance assessments, and reporting. See the Official PCI Security Standards Council for more information.
Google Requires HTTPS in Chrome
Early this year, Google started marking sites without SSL as “Not secure.” Users can see the status of every site they visit in the Chrome browser, either “Not secure” or “Secure,” to the left of the url address bar at the top.
Search Engine Journal explains what Google is doing to try to make a more secure web. And it’s working. Sites that are secure have been ranking higher in Google than their non-secure counterparts since 20143. Whether you are selling goods, collecting email addresses, or none of the above, give your users a secure experience from the time they visit your site until they leave. It’s good practice and good business.
1 “FAQ: What is SSL,” http://info.ssl.com/article.aspx?id=10241.
2 “Why SSL? The Purpose of using SSL Certificates,” SSLShopper.com. https://www.sslshopper.com/why-ssl-the-purpose-of-using-ssl-certificates.html
3 “Google Is Requiring HTTPS for Secure Data in Chrome,” Jan. 21, 2017, Search Engine Journal. Source: https://www.searchenginejournal.com/google-is-requiring-https-for-secure-data-in-chrome/183756/