What is SSL?
SSL stands for Secure Sockets Layer; it is used to keep information that is being passed between a server and a client private. SSL protects data such as credit card numbers, social insurance numbers and login credentials from being intercepted by a third party.
If you have ever banked online or purchased products online from a website such as amazon.com, you have browsed and accessed a website that is protected under SSL. You may have noticed, a golden lock icon in the browser window, a highlighted green web address bar, or a website that has https:// in its URL; the “s” signifies that the page is secure, opposed to a non-secure connection http://.
How does SSL work?
SSL works by using Certificates. There are three parts to an SSL certificate, a public key, a private key, and a session key. When your internet browser attempts to access a website that is secured by SSL, a 'handshake' takes place (invisible to you) that shifts between these keys to provide security.
This handshake goes a little like this:
- Your browser connects to a webserver, which is secured with SSL.
- The website server sends a copy of the SSL certificate to your browser (including the public key).
- The browser checks the certificate against a list of trusted CA's (certificate authority).
- If the browser trusts the certificate, it creates and encrypts the information into a session key.
- The server then decrypts the session key, using the private key and sends back an acceptance of the session key to start an encrypted session (a protected area, where the information is more or less hidden or scrambled from third-party eavesdroppers).
- The server and Browser encrypt all transmitted data with the session key, and you are safely browsing the website.
Why use SSL?
Websites use SSL to ensure visitors have a trusted and secure environment to conduct business and share information online. In many cases, if your website accepts credit card information, you are required by the PCI (Payment Card Industry) to have an SSL certificate.
Website visitors who can recognize an SSL connection feel confident that their information is protected from hackers, who might try and steal their personal information. Although SSL doesn’t protect a website from viruses, phishing and other forms of malicious action, it does protect important information that you would not want to have publicly shared.
Are you collection or sharing information on your website that should be protected?
There are various levels of security and pricing available to secure your information. Contact your web developer or Encore Web Plus today.
Hey!! If you found this topic interesting and would like to know more about the latest communication trends for business, click the link below to receive updates to your inbox (We send updates twice monthly).