That little green lock icon in the address bar of a website is a common sight, especially if you are doing any online shopping. It means the site is safe to use, but what does that green lock actually do to protect you?
In order to understand this, it’s important to understand how information on the Internet gets from its point of origination to its destination. Unlike a direct flight from DC to New York, data on the Internet must pass through several computers and servers along its way from point A to point B. Just like an indirect flight where you need to make a connection, data that must travel through multiple points has the potential to get delayed, lost, or intercepted by people with unsavory motives.
That little lock icon, also known as a Secure Sockets Layer (SSL) certificate, gives site visitors confidence that the data they submit through the website will not be compromised during its journey.
So how does it all work? An SSL certificate encrypts data so that someone can’t intercept it while it is traveling across the Internet from point to point. Encryption is defined as “the process of converting information or data into a code especially to prevent unauthorized access.” Without encryption, your personal information would be available for viewing in clear text. This could happen at at any point along its journey leaving you vulnerable to possible credit card or identity theft.
Let’s say you are shopping on a website that does not have an SSL certificate, and you input your name as “John Doe.” When you click submit, your name will be sent across the Internet as “John Doe,” visible to anyone who happens to intercept that data at one of its many stops. However, if the website is secured by an SSL certificate then “John Doe” will be transformed into text like “84tj3kjduhFJUE9hFshf933hfs943”. Once the web server receives the message it will decrypt that text back into the original “John Doe.” This same process occurs for passwords, credit card numbers, and all other data that is protected with SSL.
To determine if a website has an SSL certificate just take a look at the URL. Websites that are secure will begin with https. Google also displays the ‘Secure’ badge in the address bar of sites with an SSL certificate, giving visitors an added level of confidence in the company. Sites without an SSL certificate will have the ‘Not Secure’ badge, which may cause visitors to doubt the security of your site and leave without completing any transactions.
If you have a website that collects sensitive information from visitors, it is imperative that you have an SSL certificate. Even if your site does not collect sensitive information from visitors, the lack of a valid SSL certificate leaves your content management system vulnerable to hackers. WordPress, the most popular content management system in the world, is extremely vulnerable to hackers when it’s not properly secured. Be sure to secure it properly.
Whether you are a consumer or a website owner, it’s important to understand the value of an SSL certificate. Not only does the certificate inspire consumer confidence and protect businesses from unwanted data breaches, but it also helps increase a website’s rank in Google search results.
Businesses – it’s in your best interest to install valid SSL certificates on any websites that they have. If you don’t know how to then get with your web developer and get on a WordPress Support plan.
Consumers – it’s in your best interest to always look for that little green lock before you submit any sensitive data online. Following these best practices can help make online transactions safer for everyone.
By the way, SSL is actually the name for a slightly older technology. The newer technology that provides improved, but similar, encryption and protection is called a Transport Layer Security (TLS). Although TLS largely superseded SSL several years ago, for some reason it’s all referred to colloquially as SSL or sometimes TLS/SSL.