SSL Security

SSL or secure socket layer is an enhanced means of protection that allows the data transmitted over the world wide web to and from the websites to be secured by encrypting it using various means and at different levels. There are many encryption algorithms of various complexity available for implementation in ssl and provide varying levels of protections. Encrypting the data prevents any drop in listener or hacker to easily decode and interpret the transmitted information making the transmission safer and more reliable.

Whenever a website uses secure socket layer the URL that it has always had an extra “s”, meaning that instead of http://sitename, https://sitename is displayed the URL window. Also a lock icon is displayed conveying the same. This indicates to the users that the site has been secured by secure socket layer.

There are various types of SSL certificates. Below is a short introduction to the each type:

  • Extended Validation Certificates: While awarding these certificates not only the domain ownership is checked, but a thorough wetting of the organization requiring the certificate is done as well.
  • Organization Validation Certificates: While awarding these certificates the domain ownership is checked and a little bit of wetting of the organization requiring the certificate is done as well.
  • Domain Validation Certificates: Only the domain ownership is checked and there is no check about the organization as such.

Another manner in which the SSL certificates can be classified is as shared or private. A short note on both, below:

Shared SSL: These are less costly as these are obviously shared with other domains /accounts on the same server and are usually displayed like https://secure.yourhost.tld/~username

Private SSL: Here the owner gets a personal certificate and needs to purchase a dedicated I.P. address to run the SSL on. The URL created here is like  https://secure.yourname.com and these is no mention or advertisement by the SSL provider.

SSL is most widely used in the following types of websites:

  • Ecommerce websites where sensitive financial data and user information is transmitted . Also eCommerce websites do not get PCI compliant until they implement SSL on their website. This keeps the data secure and helps them gain the trust of their customers.
  • To discriminate an original and genuine website from a phishing website trying to deceive users into believing that they are the authentic ones since it’s very difficult for these fraudsters to obtain SSL certificates.
  • Payment processing merchants and banking institutions that process financial information and handle large amount of monetary transactions.
  • Government organizations that want to prevent the leakage of any kind of sensitive and official information online.

The uses of  SSL are many and in today’s world where hacking , fraud and phishing are the constant rise, using SSL can only say to be a wise decision. Moreover SSL is one of the on page SEO factors to rank your website on top of Google.