|
|
|
|
|
|
|
What is SSL (the little padlock)?
SSL ("Secured Socket Layer") is a protocol used to encrypt the communication between the user's browser and the web server. When SSL is active, a "little padlock" appears on the user's browser, usually in the status line at the bottom (at the top for Mac/Safari users.)
This assures the user that sensitive data (such as credit card numbers) can't be viewed by anyone "sniffing" the network connection (which is an increasing risk as more people use wireless networking).
Common web site owner questions about SSL:
How do I get the little padlock on my site?
To get the little padlock, your site must have an SSL Certificate from a Certificate Authority. Once an SSL Certificate has been purchased and installed, it provides three things:
Once obtained, the certificate must be installed on the web server by your web host. Since your web host also has to generate an initial cypher key to obtain the certificate, very often they will offer to handle the process of obtaining the certificate for you.
My web host has a "shared certificate" that I can use. Should I?
It's still fairly common for small sites to use a shared certificate from the host. In this circumstance, when a page needs to be shown in secured mode, the user is actually sent to a domain owned by the web host, and then back to the originating domain afterwards.
A few years ago, when SSL Certificates were quite expensive (around $400 per year), this was real attractive for new sites just getting their feet wet in e-commerce. Today, with a number of perfectly functional SSL certificates available for under $100 (exclusive of installation, etc.), it is a lot less attractive. Since your user can look a the address line of his or her web browser and see that the site asking for the credit card number is not the site he or she thought they were on, the cost savings is probably not worth the risk of scaring off a sale.
What's the difference between the expensive SSL Certificates and the inexpensive ones?
Usually, mostly price. Some expensive certificates have specific functions, like securing a number of different subdomains simultaneously (a "wildcard" certificate), but the effective differences between basic single site certificates are very slight, despite the wide range of prices:
The encryption mechanism used by all of them is the same, and most use the same key length (which is an indicator of the strength of the encryption) common to most browsers (128 bit).
Some of them ("chained root" certificates) are slightly more of a pain for your web host to install than others ("single root" certificates), but this is pretty much invisible to the site owner.
The amount of actual checking on the ownership of the domain varies wildly between vendors, with some (usually the more expensive) wanting significant documentation (like a D&B number), and others handling it with an automated phone call ("press #123 if you've just ordered a certificate").
Some of them offer massive monetary guarantees as to their security (we'll pay you oodles of dollars if someone cracks this code), but since it's all the same encryption mechanism, if someone comes up with a crack, all e-commerce sites will be scrambling, and the odds of that vendor actually having enough cash to pay all of its customers their oodle is probably slim.
The fact is that you are buying the certificate to insure the safety of the user's data, and to make the user confident that his or her data is secure. For the vast majority of users, simply having the little padlock show up is all they are looking for. There are exceptions (I have a client in the bank software business, and they feel that their customers (bank officers) are looking for a specific premier name on the SSL certificate, so are happy to continue using the expensive one), but most e-commerce customers do not pick their sellers based on who issued their SSL Certificates.
My advice is to buy the cheaper one.
I have an SSL certificate -- why shouldn't I serve all my pages in "Secured" mode?
Because SSL has an overhead -- more data is sent with a page that is encrypted than a page that isn't. This translates to your site appearing to run slower, particularly for users who are on dial-up or other slow connections. Since this also increases the total amount of data transfered by your site, if your web host charges by transfer volume (or has an overage fee, as most do), this can increase the size of your monthly hosting bill.
The server should go into secure mode when asking a user for financial or other sensitive data (which may well be "name, address and phone number", with today's risk of identity theft), and operate in normal mode otherwise.
Updates to this article, and many other great articles and tutorials for small business web site owners can be found at Insanely Great Sites!
Advertisement: Honest Riches - Click Here!
Advertisement: Lost AdWords - Click Here!
Advertisement: Get $1 Million A Month In Google Pay-Per-Click Ads Free! - Click Here!
Advertisement: Who Loves Money? - Click Here!
Advertisement: SEO Elite, the GrandDaddy of SEO Software - Click Here!
PR.com (press release), NY - 22 hours ago
Mikija, designers of unique papyrus handbags, today announced the launch of their new, direct-to-consumer, ecommerce website www.mikija.com. ...
MarketWatch - Jul 15, 2008
The new eCommerce site was successfully launched in just 100 days with MarketLive(R) FastTrack 2008 and is now processing orders in time for the company's ...
Money Management, Australia - Jul 17, 2008
“The US and UK are thought to be the most tech savvy, but the conversion rates suggest otherwise when it comes to e-commerce. US consumers tend to place 3.3 ...
TransWorldNews (press release), GA - Jul 17, 2008
JDM, an innovative, full service marketing firm, announced today the launch of their client, Omaha's GI Surplus, new eCommerce website. ...
MarketWatch - Jul 14, 2008
"The online channel is critical to our success as a high-end retailer," said Don McNichol, eCommerce Director for Intermix. "Not only does it provide an ...
MarketWatch - Jul 16, 2008
SALT LAKE CITY, July 16, 2008 /PRNewswire via COMTEX/ -- Infopia, the leading SaaS eCommerce platform provider, announced today the expansion of its Web ...
SaaS Vendor Infopia Offers 'Expansion' of Web Services TMCnet
all 10 news articles
iTWire, Australia - Jul 15, 2008
Are you an experienced eCommerce Business Analyst looking for an opportunity to work in a challenging, interesting and complex environment? ...
Technical Business Analyst --- Financial Markets iTWire
all 2 news articles
MarketWatch - Jul 15, 2008
InSiteCommerce is the next generation in ecommerce software providing B2B and B2C ecommerce features with the deepest level of ERP integration available ...
Palluxo! - Mac Dose of All Things Apple
Palluxo! - Mac Dose of All Things Apple, Canada - Jul 18, 2008
Dana: We work in the world of ecommerce – building successful online websites (and strategies) for our client base. We know that mobile applications are a ...
InternetRetailing.net, UK - Jul 17, 2008
However, most mid-tier fashion & lifestyle retailers would admit that their current eCommerce solution bears little resemblance to the in-store experience. ...
Outsourcing Your Ecommerce Order Fulfillment
When your eCommerce business grows to the point where you can no longer package and ship the orders yourself, it's time to begin outsourcing your order fulfillment.... Read More
How To Start An Internet Business ? Content, Content, Content
When it comes to e-commerce, the time-tested cliché is, "Content is king." In this case, the cliché is correct.ContentFor the purpose of this article, content is defined... Read More
The Ecommerce Business Plan
Simply put, business plans can make or break your business. Starting a Drop Ship business online is no different from starting a traditional non-online business. With the... Read More
Expand Your Local Business Through the Internet
To obtain more local customers for your business, consider expanding your local business through the Internet. Here are some ways of doing so.1. Online DirectoriesEven without a... Read More
Drop-Shipping ? A Great Way of Making Money Online
Using the Internet to sell products and services to ever increasing number of net users is a good way to start your own business. If you are... Read More
Choosing on Order Fulfillment Service
When your eCommerce business grows to the point where you can no longer package and ship the orders yourself, it's time to begin outsourcing your order fulfillment.... Read More