It doesn’t matter whether you are buying or selling over the internet, you absolutely need to see that tiny padlock to the left of the address bar to reassure and make certain that your private details, and those of your customers, are kept as safe as possible.
The SSL cert is what keeps that padlock locked and all your data under lock and key. SSL stands for Secure Sockets Layer. Yes, another exciting technological acronym probably designed to make things easier but usually ending up confusing the everyday user! An SSL Cert is a security protocol or tool, that creates an encrypted link between a web server and a web browser. Let me tell you more.
How does it work
The SSL cert has three keys. A public, a private key and a session key. Together, the public and private keys work to make an encrypted connection. Encryption means simply that the data is converted from plaintext (as you wrote it) to ciphertext. From something everyone can read to something no one without the key can read. When a web browser or a user logs on to a secured website, the website server instantly shares its SSL certificate and its public key with the client to establish a secure connection and a unique session key. Server and browser now encrypt all transmitted data using the third ‘session key. It’s a secure, invisible and immediate ‘handshake’ that makes further interaction private and safe. Anything encrypted with the public key can only be decrypted with the private key, and vice versa. Because encrypting and decrypting with private and public key takes a toll on processing power, they only come into play during the SSL Handshake. After the secure connection is made, the session key is used to encrypt all transmitted data.
The Benefits of an SSL Cert
Google will rank sites with a https:// higher than others. The reasoning is, naturally, to promote the more trusted sites. All sites with an SSL cert will begin with https:// encryption. So, your off to a good start even before potential customers start browsing. Clients and customers will also have more faith in your site when you have a closed padlock and no security warning. Most savvy shoppers never buy anything on an unsecure website as the chances of your credit card being used to buy something nefarious in the coming weeks will be greatly increased. There is a confidence in browsing secure sites that you only appreciate when you log on to be met with this message:
The closed padlock
The SSL cert, is forever associated with the locked padlock in the address bar. This is what proves to website visitors that they are on an authentic and secure website and that their online transactions are protected. Over a hundred thousand Irish .ie domains have an active Secure Socket Layer Certificate proudly displayed on site. Well, to be honest, we cannot be sure if they are all proud of them, but they have them anyway. This is a 20% increase year on year and reflects the desire by users and website owners to keep internet connections secure and prevents criminals from reading or modifying information transferred between two systems.
Why don’t I have one?
Good question. SSL secures millions of peoples’ data on the Internet every day, especially during online transactions or when transmitting confidential information. Yet less than half .ie websites (Irish domains) have an active SSL cert. Not only is this unwise from a security point of view, but it’s also a potential breach under GDPR rules (The General Data Protection Regulation 2016). Although GDPR does not specifically say that every site needs an SSL certificate in order to be compliant. But when you consider that if your site collects or processes user data then under the GDPR, you then have a responsibility as a data controller or a data processor to keep this information secure and protected, then having an SSL onsite helps to achieve this. If your site is an eCommerce site which takes user payment information such as bank details, then having an SSL is an absolute necessity. The certs themselves are relatively inexpensive and here at Dmac Media Ltd, we manage SSL certs for our hosted clients daily and recommend that every site has an active and up to date Cert for all the reasons that we have just stated.
So, why don’t you have one? We have no idea! Over to you really…