Online Security for Start Ups & Small Businesses

SSL Guide For Starters

What is an SSL Certificate?

An SSL certificate is a digital computer file (or small piece of code) that has two specific functions:

  • 1. Authentication and Verification:

    The SSL certificate has information about the authenticity of certain details regarding the identity of a person, business or website, which it will display to visitors on your website when they click on the browser's padlock symbol or trust mark (e.g., the Norton Secured Seal). The vetting criteria used by Certificate Authorities to determine if an SSL certificate should be issued is most stringent with an Extended Validation (EV) SSL certificate; making it the most trusted SSL certificate available.
  • 2. Data Encryption:

    The SSL certificate also enables encryption, which means that the sensitive information exchanged via the website cannot be intercepted and read by anyone other than the intended recipient.

In the same way that a identity document or passport may only be issued by the country's government officials, an SSL certificate is most reliable when issued by a trusted Certificate Authority (CA). The CA has to follow very strict rules and policies about who may or may not receive an SSL certificate. When you have a valid SSL certificate from a trusted CA, there is a higher degree of trust by your customers, clients or partners.

How Do I Know That a Site Has a Valid SSL Certificate?

A standard website without SSL security displays "http:// " before the website address in the browser address bar. This moniker stands for "Hypertext Transfer Protocol," and is the conventional way to transmit information over the Internet.

However, a website that is secured with a SSL certificate will display "https:// " before the address. This stands for "Secure HTTP."

You will also see a padlock symbol on the top or bottom of the Internet browser (depending on which browser you are using).

Often, you will also notice a trust mark displayed on the website itself. Symantec customers use the Norton Secured Seal trust mark on their websites. When you click on the Norton Secured Seal or the padlock symbol on the page, it will display details of the certificate with all the company information as verified and authenticated by the CA.

By clicking the closed padlock in the browser window, or certain SSL trust marks such as the Norton Secured Seal, the website visitor sees the authenticated organization name. In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns green when an Extended Validation (EV) SSL certificate is detected. If the information does not match, or the certificate has expired, the browser displays an error message or warning.

Tech Talk Made Simple

Encryption: Information is "scrambled" so that it cannot be used by anyone other than the person for whom it is intended.

Decryption: "Un-scrambling" information and put it back in its original format.

Key: A mathematical formula, or algorithm, that is used to encrypt or decrypt your information. In the same way that a lock with many different combinations is more difficult to open, the longer the length of the encryption key (measured in number of bits), the stronger the encryption.

Browser: A software program that you use to access the Internet. Examples include: Microsoft Internet Explorer (IE); Mozilla Firefox, Apple Safari, RockMelt, and Google Chrome.

Conclusion

Trust makes all the difference in the world of online business. Investment in technology to protect customers and earn their trust is a critical success factor for any company that does business online or hosts an e-commerce website. The effective implementation of SSL certificates and correct placement and use of trust marks are proven tools in the establishment of customer trust.

With the acquisition of Symantec Authentication Services, Symantec is now theleading provider of SSL certificates globally, helping to assure customers that they are safe from search to browse to buy and sign in. Symantec secures more than one million web servers worldwide. Symantec also secures over two-thirds of websites using Extended Validation SSL, including the biggest names in e-commerce and banking. When you choose Symantec, you can rest assured that your website and your reputation are protected by the CA with a proven track record and the most recognized trust mark on the Internet.

** This information is taken directly from Symantec's DataSheet - "Beginner's Guide To SSL".