To apply as a writer on this blog, Email us on [email protected]
Add me as a friend on FACEBOOK: CLICK HERE to add me on FaceBook

Receive Daily Updates

Enter your email address:

Monday, March 14, 2011

How to Increase Online Security: Use SSL Certificate

The internet is now the medium that everyone wants a piece of. Whether its to find information at the touch of a button, open a business to a global market, buy almost anything you can think of, or simply watch the latest Lady Gaga video, more and more people are getting online and exploiting its benefits.
But with the increase in the use of the internet, comes the enviable rise in online fraud and identity theft.
Lets imagine the security risks if you had your bank statement sent to you in a see-through envelope. Anyone who saw the envelope could see your bank account details as well as your name, address and other private information. A serious case of identity fraud could then ensue. Of course this shouldnt happen as letters are hidden by solid envelopes.
And thats what needs to happen when we enter personal information online. It too needs to be hidden from potentially prying eyes. But with the number and ability of online hackers increasing exponentially, this has become more and more of a challenge for the e-commerce industry.
So, is there an answer to ensuring that we can buy and sell online in a safe and secure environment? Yes there is and that answer is the SSL certificate.
What is an SSL certificate?
SSL is an acronym for Secure Sockets Layer and is a network protocol supported by all popular web browsers. SSL works by establishing a private communication channel when a user enters sensitive data into a website e.g. credit card details. The information is then scrambled into a language which makes it virtually impossible to decode.
How does SSL work?
When a business requests an SSL certificate from a Certification Authority such as Verisign or Rapid SSL, they will be issued with a secret key which needs to be kept securely on their web server. Once they receive the SSL certificate, it also needs to be installed on the web server; effectively matching up the SSL certificate to the SSL key. Because the SSL key is only ever used by the web server, this process is a means of proving that the web server has permission to use the SSL certificate.
In order for a secure communication channel to take place using SSL, an SSL handshake has to take place. This involves the browser which the customer is using to enter the sensitive data e.g. bank account details, sending a request to the server to check whether the SSL certificate matches with the SSL key. If it does then the web server will authorise an SSL session to take place with the browser and the user can enter their details safe in the knowledge that their information cannot be deciphered by a hacker. This process takes only a split second and should cause no interruption to the user.
Who needs an SSL certificate?
You should seriously consider using an SSL certificate if your business:
processes credit or debit payments online
stores or transmits with personal information such as addresses, dates of birth, ID numbers
have a login area on your site
want to be seen to be complying with the latest online security
How secure is SSL?
How strong the encryption of the data is can vary depending on the SSL provider, but it is usually 128 bit. This is good enough to ensure that most data cant be decoded even by the most advanced hackers with the best available technology and hardware.
How do you know if a website is using an SSL certificate?
You can tell if a web site is using an SSL certificate by checking for the padlock symbol on the website. Also, when you go to make a transaction your browser will indicate that it is using an SSL secured session by changing the http to https. To view the certificate, users just need to click on the padlock icon.
What happens if I lose my SSL key and/or certificate?
Should you lose either the SSL Key or the SSL certificate you will no longer be able to use SSL on your web server and you will need to purchase a new one. Or you can ask the company you purchased your SSL certificate from to issue you with a replacement certificate.

0 Visitor Reactions & Comments: