Ensuring your website is trusted means taking measures to show users they are browsing safely. When anyone is giving you information of any kind, especially sensitive personal or financial data, they need to know that the whole process is being handled securely.
This is where SSL can play an important role.
What is SSL?
Secure Sockets Layer (called SSL for short) is a protocol that allows data encryption on the internet. Essentially the process uses certificates to authenticate websites and encryption to protect the transfer of data.
An SSL certificate allows a browser to verify that the website is genuine. Encryption is a mathematical process of coding and decoding information based on ‘keys’ which are held securely and used to read the data.
The number of bits in a key (40-bit, 56-bit, 128-bit or 256-bit) shows how big and complex it is. In the same way that a longer password is harder to crack that a short one, higher levels of encryption mean even safer transactions.
When an encrypted session is established, the level is determined by the capability of the web browser, SSL certificate, web server, and client computer operating system.
Servers and browsers
When a web browser attempts to connect to a server secured with SSL, the browser requests identification and the server then sends the browser a copy of its SSL certificate. If the browser trusts the SSL certificate it sends a message to the server, which then sends back a digitally signed acknowledgement to start an SSL encrypted session.
Browsers decide whether or not to trust an SSL certificate by checking the source of the certificate issuance. If it is issued by a Certificate Authority that is known and trusted by the browser, this is extended to the web site secured by the certificate.
Obviously this means that SSL certificates have to be official and valid and free SSL certificates are often offered by Certificate Authorities if they need to be replaced.
There are some obvious signs that a secure connection has been established. The beginning of the URL or web address changes from http:// to https:// and a padlock on the browser window changes from open to closed.
The address bar will also turn green and display the name of the website owner when connecting to a web site protected by an Extended Validation SSL certificate.