Your new business site is hosted in a PCI compliant environment, you've just signed up with a reliable merchant provider, and you have a secure shopping cart – certainly there's nothing else you need, right? Wrong! While online security protocol may seem redundant, each measure has its purpose, and one you do not want to forget is the acquisition of a SSL certificate.
All right, you're wondering, what are SSL certificates, and why are they important?
What They Do
SSL certificates are used to confirm the identity of a website server, encrypt transmitted data, and protect the integrity of data during transmission. SSL layers, which stands for Secure Socket Layer, are cryptopgraphic protocols that provide security of network communication, such as communications over the Internet – the world's largest network. More specifically, they prevent deciphering by third parties by scrambling the data transmitted between a customer's browser and server the business is hosted on. Once the encrypted data arrives at the secure server, it's safe to be unscrambled once again.
In a few split seconds, a lot happens to keep your data safe:
1) the browser and server exchange encryption options and agree on an encryption method for the transfer;
2) the browser authenticates that a server's certificate was issued by a trusted certificate authority;
3) the encrypted data is sent from browser to server;
4) a key is used to authenticate the transmission's integrity.
As you can see, a lot happens at the press of a "confirm" payment key and avoiding the perils that can befall customer's private financial data is essential for online businesses, which is why you need an SSL certificate. The only question is, then, where do you get one, and is any certificate acceptable? That is, do all SSL certificates extend the same level of security?
Getting Properly Secured
In the end, the security level of any data transfer is limited by the capabilities of the browser, but most newer commercial browsers support 128 bit data encryption, which is almost mathematically impossible to crack. For SSL certificates offering 128 bit encryption or better, there's no significant difference in security. However, each CA (certificate authority) is responsible for verifying that a business is, in fact, a legitimate entity who owns the domain in question, and different CA's may require different authentication requirements.
When purchasing an SSL certificate, keep in mind that consumer trust of SSL CA's (certificate permissions) may vary, and you want your customer's to feel protected, so look for a brand with strong online recognition. One reliable inexpensive company offering SSL certificates with their affordable ecommerce program is http://www.awdcommerce.com/
Cost
Prices for SSL certificates may vary. We served one client who reported paying $ 120 for his existing SSL, but most CA's are significantly less expensive.