An SSL certificate is a bit of code on your web server that provides security for online communications. When a web browser contacts your secured website, the SSL certificate enables an encrypted connection. It’s kind of like sealing a letter in an envelope before sending it through the mail.
SSL certificates also inspire trust because each SSL certificate contains identification information. When you request an SSL certificate, a third party (such as RapidTemok, Thawte, Comodo, GeoTrust, Symantec etc.) verifies your organization’s information and issues a unique certificate to you with that information. This is known as the authentication process.
SSL certificates keep online interactions private even though they travel across the public Internet, and they help customers gain the confidence to provide personal information on your website. If you ask users of your website to sign in, enter personal data such as credit card numbers, or view confidential information such as health benefits or financial accounts, you need to keep the data private. You also need to assure them that your website is authentic. SSL is also used for email servers, web-based applications, server-to-server communications and more.
Encryption is a mathematical process of coding and decoding information. The number of bits (40-bit, 56-bit, 128-bit, 256-bit) tells you the size of the key. Like a longer password, a larger key has more possible combinations. In fact, 128-bit encryption is one trillion times stronger than 40-bit encryption. When an encrypted session is established, the strength is determined by the capability of the web browser, SSL certificate, web server, and client computer operating system.
An SSL certificate contains verified information about the web site it secures to help users confirm that they are communicating with your web site. Extended Validation is the industry’s highest standard of verification and provides the most visible assurance to users: the address bar turns green in high-security browsers.
When you display the SSL Trusted Site Seal, users can click the trust mark to view web site identification information, the third party (such as RapidTemok, Thawte, Comodo, GeoTrust, Symantec etc) that verified it, and the expiration date of the SSL certificate. In newer browsers, web site identification information may appear when users hover over the address bar. They can also click the closed padlock icon.
Authentication means that a trusted third party (such as RapidTemok, Thawte, Comodo, GeoTrust, Symantec etc) has verified the identification information contained in your SSL certificate, assuring customers that your site is actually your site. Concerns about fraud and identity theft have made users more hesitant to share personal information with unfamiliar web sites. However, 86% of online shoppers feel more confident about entering personal information on sites using security certificates.