Digital India SiteLock



SSL Myths & Facts

Myths & Facts about SSL Certificates

Myth#1

 

 I don’t Store Credit Card So I don’t Need SSL

That doesn’t automatically make you or your customers safe. There are many ways cyber attackers can wreak damage to your organization and reputation.

Facts

  • You need the highest levels of protection:-

You need to have the highest levels of protection in place to keep hackers at bay. This means having safe areas for your customers where they know they are out of harm's way, as well as operating the highest levels of security for log-ins and passwords.

  • Personal Details can be misused:-

Such as names, email address, contact numbers and mailing addresses. If you collect personal data, identity theft may become a plausible threat to customers. Take the necessary precautions; otherwise, it can be devastating to your customer and your reputation. Increasingly, customers are educated online shoppers and won’t buy if you don’t have an SSL certificate.

  • Low Visitors On Website:-

If your site has forms that ask for sensitive, personal information you should be using an SSL Certificate. Otherwise, that data is transmitted in clear text. Not having SSL on your site could mean that you are missing leads due to visitors not filling out forms on unsecured pages.

Even if you don’t sell online, customers will appreciate care taken to protect personal data


Myth#2

 

I don’t need SSL on all my web pages

Many organizations use the SSL/TLS (Secure Socket Layer/ Transport Layer Security) protocol to encrypt the authentication process when users log in – but fail to encrypt subsequent pages during the user’s session. This is not a good practice because the intermittent use of SSL won’t keep users safe in the face of today’s burgeoning threats.

Facts

  • People are spending more time logged in

People now spend more time logged in, and this has seen a surge in cybercriminals targeting consumers using a method called ‘side jacking’. This takes advantage of consumers visiting unencrypted HTTP web pages after they have logged in and allows hackers to intercept cookies (typically used to retain user-specific information such as username, password and session data) when transmitted without the continuous protection of SSL encryption.

  • Any company serious about protecting customers will implement Always On SSL

You need end-to-end security that can help protect every web page your users visit. ‘Always on SSL’ is a fundamental, cost-effective security measure for websites that help protect the entire user experience from start to finish. It is supported as best practice by leading industry players such as Google, Microsoft, PayPal, Symantec, Facebook, and Twitter. Any company serious about protecting their customers and their reputation will follow their lead and implement Always-on SSL, with SSL certificates from a trusted Certificate Authority.


Myth#3

 

All the certificates provided by CA’s are the same.

Facts

No, they are not. There are several types of certificates on offer – and not all can be trusted to the same degree.

Domain Validated (DV)

The lowest cost means of securing a website, this does not provide authentication or validation of the business behind the website.

Organization Validation (OV)

These certificates include full business and company validation from a certificate authority using currently established and accepted manual vetting processes but are not validated to the highest standards set by the CA/B Forum.

Extended Validation (EV)

Fully validated by the meticulous guiding principles set by the CA/B Forum, providing the highest levels of security and trust to end users. The entire address bar will turn green to ‘safe’.

Opt for an SSL certificate with EV from a globally recognized CA

Always opt for an SSL certificate with EV from a globally recognized certificate authority, such as Symantec, Geotrust, and Thawte. These certificates guarantee the business is legitimate, whereas many other types only validate the domain, not its owners and operators.

Add the seal of assurance

Trust marks/seals are another important means to reassure customers that it is safe to shop on a site. The Trusted Site Seal of CA’s like Symantec, Thawte, Geotrust gives your website instant credibility in the online world by visually reassuring customers that your site’s identity has been verified and secured with SSL.


"https.in is the platinum partner of world's leading CA's. We are the best SSL Certificate provider to buy SSL Certificate online

Sectigo
DigiCert
Thawte
GeoTrust
RapidSSL

Recent Blog Posts

Questions?

Call Us

If you have any questions, feel free to call us

Newsletter Subscription