Do I need an SSL Certificate?
An SSL (Secure Sockets Layer) Certificate is a digital Certificate that authenticates the identity of a website. It creates a safe connection by encrypting sensitive user information, such as credit card information and passwords that are being transmitted to the web server while making a purchase or logging in to a member’s area of a website.
You may notice that some website URLs start with HTTP (Hypertext Transfer Protocol) and others start with HTTPS. The additional “S” stands for “Secure.” Having the HTTPS means that there is an SSL Certificate installed and the site is protecting user information. Basic HTTP does not offer protection. Your site will have a better reputation if users see that you take security seriously and will know your site is secure if it uses HTTPS.
If you plan on having a site where customers enter private information, then you need to include an SSL Certificate. Your users will know that your site is one that they can trust and they can do business with you knowing that their information is going to be safe from hackers and identity theft.
Google has started pushing websites to be more secure. Google Chrome will display a “Not Secure” warning for pages that do not have an SSL Certificate, regardless if your page contains forms or collects credit card information.
An SSL Certificate contains the following information:
- The certificate holder’s name
- The certificate’s serial number and expiration date
- A copy of the certificate holder’s public key
- The digital signature of the certificate-issuing authority
E-Commerce and Credit Cards
If you are an online merchant or have a paid membership site that collects payment, you need an SSL Certificate. It is your responsibility to safeguard the personal data you collect from your customers. This will make sure that hackers cannot capture the information and will help protect your customers from identity theft.
You technically do not need an SSL Certificate if your website uses a 3rd party payment processor like PayPal to handle credit card payments. This is because your website won’t see the credit card information directly. However, as mentioned earlier, your site will have a better reputation, and likely have an improved Google search ranking, if you have one.
Forms, Logins, and Passwords
Will you have forms on your site that ask for personal information? Then you should have an SSL Certificate installed. If you do not, the data that is transmitted could be captured by hackers or bots (malicious internet robotic technology). Also, you may lose leads from visitors because they will not fill out forms on unsecured pages.
If your site has a login page where the user enters a username and password, you will need an SSL Certificate. This is especially true if you are using WordPress, Joomla or any other database-driven websites with a login page for the administrator.
Since users may often use the same password on other sites, such as banks, a hacker could potentially gain access to those other accounts. You wouldn’t want your site to be the source of that password theft because you didn’t secure it with an SSL Certificate.
Did you know that there are different types of SSL Certificates?
There five major types of SSL Certificates and each use the same standard encryption methods. There isn’t one that is ‘more secure’ than the other. Each type has its own purpose and characteristic.
- Single Domain
- Multi Domain (SAN)
- Wild Card
Single domain SSL Certificates protect a single domain and not for subdomains on that site. These are perfect for simple, straightforward content-based sites. That includes most B2B sites or e-commerce ones where all transactions occur on a single domain.
Multi Domain (SAN)
Multi domain SSL Certificates secure multiple domain names and multiple host names within a domain name. It lets you secure a primary domain name and up to 99 additional Subject Alternative Names (SANs),
Multi-domain SSL Certificates are compatible with shared hosting, but the site seal and certificate “Issued To” information will only list the primary domain name. If you have a secondary hosting account, this will be listed in the certificate. If you do not want sites to appear “connected” to each other, then you should not use this type of certificate.
If you want to have subdomains, a Wildcard SSL Certificate would cover the main site and all the subdomains under it.
Organization SSL Certificates will authenticate a company’s identity and information. It is meant for content-based sites that don’t need to secure an e-commerce or payment portals.
In addition to validating domain ownership, you’d also need to confirm and authenticate the other organization-related details (so there’s a bit more red tape required for the process).
Extended SSL Certificates do a bit more than just organization validation. They verify the domain and double-check the legal corporation. You can expect days to weeks for setup. Also, you’ll get a green address bar on most modern browsers to indicate that the website is secure.
If you have anything that needs to be secure online, whether it is a form, login page, or credit card transaction, your site needs to operate with the security of an SSL Certificate.
There are many bots out there that scan the web looking for poorly protected password pages. These can try to gain access to your site no matter how large your site is.
Another thing to keep in mind is that not everyone collects money online. Some websites collect information, If you are collecting even the most basic information such as name, address, phone number, and email address, you want to protect your user’s information.
Need help? Call our support team 24/7 at (480) 624-2500
Copyright © 2017 PickleShark