When browsing the web, you may notice differences between web addresses for different sites—some websites have addresses that start with HTTP, while others have web addresses that start with HTTPS. But what’s the real difference between these two prefixes?
Hypertext Transfer Protocol, or HTTP, was created as a way to share information across the internet. When you access a website from your computer or mobile device, your web browser uses HTTP to communicate with the site’s web server.
The problem is that it might be too easy to send data this way. Once you know how HTTP works, it’s easy to find and intercept data as it travels across the internet—leaving HTTP websites vulnerable to hackers. That’s where HTTPS—and SSL Certificates—come into play.
What is an SSL Certificate?
HTTPS, or Hypertext Transfer Protocol Secure, uses a Secure Sockets Layer (SSL) to encrypt data transmitted via the internet. An SSL Certificate is simply the proof that this security layer is present on the site.
Whenever information gets sent from a browser or device, the SSL provides a form of coded encryption that scrambles the information into a random series of characters. Once the information arrives at its destination (another computer or server), it gets unscrambled back to its original format. This prevents prying eyes—whether individuals or malware—from stealing sensitive information.
Why are SSL Certificates important?
For ecommerce stores especially, SSL Certificates are essential to ensuring a secure shopping experience for your customers. Here are a few of the key benefits of ensuring that you maintain an active SSL Certificate for your online store:
- Safety: Installing an SSL Certificate on your ecommerce store means that your customers are protected. You can be confident that when customers check out on your site, their credit card information is safe. Even if you do not accept credit card payments on your store (perhaps you use PayPal, for example), an SSL can still be beneficial. For example, if you have a login page without an SSL, any sensitive password information will be sent in plain text without encryption.
- Confidence: Along with safety comes a feeling of trust. When customers see a padlock in the URL bar for your website, they are confident that their information is secure while on your site. Many shoppers may not understand the technical function of an SSL, but they know to look for secure site indicators that show they’re protected.
- SEO and Page Placement: Although it is not the only factor when it comes to SEO placement, having an HTTPS website can help improve search rankings. Google will continue to place more emphasis on HTTPS for ranking as time goes on.
- Integration: Outside of Google, other third-party integrations—such as Facebook—require encryption. These companies want to protect themselves from liability, meaning that anyone who wants to work with them or connect to their server is required to have protection as well.
How do you obtain an SSL Certificate?
Most modern ecommerce platforms (like ours!) include SSL Certificates in their pricing plans. With an SSL Certificate provided by your ecommerce platform, you won’t need to worry about doing anything extra to maintain this level of security.
In cases where your ecommerce platform does not provide you with an SSL Certificate—or where you want to use a different SSL Certificate with alternate or extra security features—you’ll need to follow some steps to ensure that it is installed correctly.
- Choose your authentication level: Your choices between authentication levels are Domain Validation (DV), Organization Validation (OV), or Extended Validation (EV). DV is the most basic and easiest to obtain, whereas EV is the most secure, requiring the longest time to issuance and greater cost.
- Choose your encryption strength: The higher the encryption strength, the more secure the site. Nowadays, most websites use a 256-bit encryption strength.
- Choose your brand: There are a lot of providers out there, but you may want to pay a little extra cash for more well known SSL providers like Norton, GeoTrust, or Thawte.
- Purchase your certificate: Follow the instructions provided by your SSL purchasing provider to purchase, install, and verify your certificate. These will vary depending on which authentication level you have chosen, but can take anywhere from 1-5 days.
To ensure that your SSL Certificate is properly installed and working, check to make sure that the web address bar contains the “HTTPS” prefix (similar to https://volusion.com) and displays a padlock icon on the far left.
Keep in mind that SSL Certificates only last for a specified amount of time (typically 1-2 years), so keep track of when you purchased yours and when you’ll need to remember to renew it.
If you’re taking the important step of establishing an online business, one of your top priorities should include security for you and your customers. As the internet moves to an age where safety is key, using an SSL Certificate to operate your website is one of the best decisions you can make to boost customer confidence and sales.