SSL or Secure Sockets Layer is the technology used to create a secure or encrypted link between your browser and the server hosting the site you’re visiting. Without SSL certification it is technically possible for an unscrupulous 3rd party to intercept any data passing between the browser and the server, including sensitive information that can be used harmfully. So how does the typical web user know whether or not the site they are visiting is SSL certified? Take a look at the following image (Don’t worry, we’ll define some of the terms later on):
This is how Chrome communicates the information that a site you’re visiting is secure, and SSL certified. Note the lock, and https at the beginning of the URL. HTTPS stands for HyperText Transfer Protocol Secure or Hypertext Transfer Protocol over Secure Socket Layer, and it is functionally identical to regular http, other than that it is layered under the SSL protocol which encrypts the data being transferred between the browser and the web server.
A partially secure site is a site that is SSL certified but has elements (most frequently images or scripts) that are on unsecured servers. Theoretically, these unsecured elements can be used as vantage points, and exploited by the unethical. The type and amount of damage that can be done is somewhat limited depending on what elements are unsecured, but you should proceed with caution if you ever need to give your personal information, credit card details, etc, and a site is only partially secured. Unfortunately, becoming SSL certified can be reasonably complex, and is further complicated if you have an unsecured instagram slider or social feed, or a script hosted on an unsecured server. In order to avoid having the partially secured notices show up, as they do in the image below:
For the uber-safety conscious, there’s the Extended Validation (EV) SSL certification which involves an even more rigorous verification process, and the highest levels of authentication. In addition to peace of mind, sites that are EV SSL certified get the added benefit of a prominent green address bar security notification which leads to added confidence for their visitors. Here’s what the address bar notification looks like in Chrome (above) and Firefox (below):
As mentioned above, setting up SSL certification for your site correctly can be a challenge. The work is more than worthwhile, however, as losing customers due to a lack of confidence in your site’s security is a pointless waste. The benefits don’t end there, though! In our follow up post we’ll discuss the benefits of having your site SSL certified, and how it’s done!
If you’d like to discuss the benefits of SSL certification or would like to set up SSL certification for your website, contact FiveSense Innovates and we’ll hook you up!