Network Solutions

SSL Certificates Signal Safety

Internet Security Learning Center

Helping to keep your web site secure

Learn how to secure your Small Business Web site from threats and how to create trust and increase confidence in your e-commerce offerings by using SSL Certificates, Site Seals, privacy policies, and copyrights and trademarks.

Home  |  Internet Security Glossary  |  Site Map

Search:

Home > Web Security > SSL Certificates Signal Safety

SSL Certificates Signal Safety

 

Even if you've never done more than look at a shopping or financial Web site, you've probably noticed the official-looking seals that are found near the bottom of some sites' Web pages. Often, these seals indicate that the e-merchant uses an Secure Socket Layer (SSL) Certificate (also known as a digital certificate) to ensure the security and trustworthiness of their sites. SSL Certificate are issued by third-party companies called Certificate Authorities (or "CA's") that first verify some basic information about the applicant and then guarantee the validity of a site and the level of security the site offers.

When you visit a retail site and prepare to make a transaction, for example, the SSL Certificate communicates with your browser, confirming the site's trustworthiness and establishing a secure connection with the merchant's Web server. The certificate also uses Secure Sockets Layer or Transport Layer Security (TLS) technology to encrypt the data exchanged between the Web server and your browser, protecting your credit card number and other sensitive information as it travels across the Internet. Even if a merchant doesn't display a seal indicating that it is protected by an SSL Certificate, it may still have one; look for the closed padlock icon on your Web browser and check the site's security policies to ensure that it uses SSL Certificate technology.

The certificate can also divulge valuable information about the merchant. Just click on the certificate or padlock icon to make sure it answers these crucial questions.

Who Issued the Certificate?

Check if the issuer's name, which appears on the certificate, is among those your browser considers a trusted Certificate Authority. To do so in Microsoft's Internet Explorer, for example, click on "Internet Options" under the "Tools" menu, then click the "Content" tab, and finally click on "Certificates" and review the "Trusted Root Certification Authorities".

Are the Certificate and Merchant Valid?

The certificate should display the company's address, as well as a testament that the certificate issuer has authenticated the company's business credentials. Be sure to check the certificate's expiration date, and exercise caution when entering private information on a site whose certificate is out of date.

Does the Issuer Offer a Guarantee?

Some certificate issuers will compensate you if one of their customers makes fraudulent charges to your credit card-but only when the issuer is at fault for not checking the company out thoroughly enough.

You don't need to view all of this information to ensure that a certificate is valid. Your browser checks every certificate it encounters and can be configured to warn you via a pop-up message if the certificate is not valid. It's up to you to read the warning screen carefully before and decide whether to proceed with your purchase.

The Bottom Line: A third-party SSL Certificate is an important indicator that a merchant site is secure and trustworthy. It pays, however, to look more closely at the information contained within the certificate if you have any questions or doubts about a site.