In order to be able to safely and securely accept and send sensitive information through a website, it is extremely important that information is encrypted when it is being sent back and forth from your site visitor and your website. The reason why this is so important is because it is extremely easy for anyone to eavesdrop and steal sensitive data while the data is being transmitted back and forth.
As an example, someone may be using a public Wi-Fi hotspot at a cafe. When you connect to a password-protected Wi-Fi network, you are actually connected to an encrypted Wi-Fi connection and so the wireless data being sent back and forth between the router and your computer is encrypted. So if someone was trying to eavesdrop on the wireless connection, they would not be able to decrypt the data unless they are connected to the same Wi-Fi connection or unless they knew the passphrase to decrypt the data directly.
So with this in mind, it is important that where any sensitive data can be accepted or sent to the visitor – your client – that the connection is secure and encrypted. But there are some problems with simply allowing an encrypted connection over the Internet. How can you be absolutely sure that the information your client is seeing and the information your server receives is authentic? How can you be sure that when you log in to a client area that the source code has not be tampered within a way which means you are submitting sensitive data to a criminal – even though it is encrypted? An SSL certificate does just that. It acts as the “trusted party” to determine whether a secure connection to a website is authentic and genuine.
SSL certificates are issued by companies commonly referred to as Certification Authorities. Web browsers have a secure list of certification authorities it trusts. All the major Web browsers trust all the most common certification authorities, such as Alpha, VeriSign and GlobalSign. At eUKhost, we offer SSL certificates issued by Alpha and GlobalSign.
How does an SSL certificate work?
An SSL certificate is installed on a website, and each time a visitor browses a section of your website encrypted over SSL, a “public key” is sent by the server to your visitor’s Web browser. This public key is used to encrypt data before it is sent to the website your client is browsing, and vice versa. Once an encrypted connection is established and verified, all data transmitted both ways is encrypted.
How much does an SSL certificate cost?
It depends on the type of SSL certificate you need. The cheapest SSL certificates are domain validated certificates. These work by simply validating that you own the domain name you are purchasing the certificate for. For eCommerce stores and banks, they will want to assure their customers regarding the security of the connection by paying more for a certificate which offers organisation authentication checks. These types of certificates not only verify the domain, but also the organisation which owns the domain – hence, organisational authentication.
Do I need an SSL certificate?
Yes, you need an SSL certificate. As a matter of fact, if you need to comply with PCI DSS, part of that process is through the use of an SSL certificate. All Web browsers will stop and warn a user with a scary warning if a website is using an invalid SSL certificate or if they are not using one at all. Not using an SSL certificate in areas which are secured over SSL will result in a dramatic fall in revenue and can be devastating to your business image.
How easy is it to use an SSL certificate?
When you purchase an SSL certificate with us, you can submit a support ticket to request assistance in installing your certificate on your website. Don’t worry, we won’t charge a fee for helping you install it – it’s free.
You can find out more about our range of SSL certificates here. Have any questions? Call our friendly and knowledgeable sales team on 0800 862 0380.