{"id":1104,"date":"2019-09-10T08:08:09","date_gmt":"2019-09-10T15:08:09","guid":{"rendered":"https:\/\/www.ssls.com\/blog\/?p=1104"},"modified":"2021-02-08T08:59:42","modified_gmt":"2021-02-08T16:59:42","slug":"how-https-protects-people-on-your-website","status":"publish","type":"post","link":"https:\/\/www.ssls.com\/blog\/how-https-protects-people-on-your-website\/","title":{"rendered":"How HTTPS protects people on your&nbsp;website"},"content":{"rendered":"HTTPS means the same thing as SSL. The full tech terms are quite a mouthful: Hypertext Transfer Protocol Secure, and Secure Socket Layer. But what it all adds up to is encryption protection.\n\nAll encrypted websites have the \u2018http<strong>s<\/strong>:\/\/\u2019 and padlock icon in most browsers. If you only see \u2018http:\/\/\u2019, it means the connection between your browser and the website you\u2019re accessing is not secured.\n\nEncryption security is what protects the information people type in on websites, from their email address to their credit card details when shopping. That\u2019s why Google flags sites that don\u2019t have an SSL Certificate as \u2018Not Secure\u2019.\n<!-- \/wp:post-content -->\n\n<!-- wp:more -->\n<!--more-->\n<!-- \/wp:more -->\n\n<!-- wp:heading -->\n<h2>The Way Encryption Works<\/h2>\nWhen someone types in their personal details on your website, the data travels from the client (browser) to your web server (website). Encryption scrambles this data as it moves between the two points. At the two end destinations the data is unlocked. This ensures no-one else can break into the connection to snoop in. Only the website user and the website Admin get to see the unlocked information.\n\nAll SSL Certificates from reputable Certificate Authorities have the same industry standard encryption strength. Data protection is the main job of SSLs, and they do it reliably well.\n\nAnother thing to know about HTTPS is that apart from Multi-Domain SSL Certificates, it secures both the www. and non-www versions of your website. So whether a user types in \u2018www.yourbrand.com\u2019 or just \u2018yourbrand.com\u2019, the SSL encryption kicks in just the same. No need to buy two certificates for each version.\n<h2>What Wildcards Do<\/h2>\nMost SSL Certificates protect one or more website domains e.g. yourbrand.com, yoursecondbrand.com. But with a single <a href=\"https:\/\/www.ssls.com\/domain-type\/wildcard-ssl-certificates\">Wildcard SSL<\/a>, you can protect up to a hundred sub-domains too e.g. blog.yourbrand.com, press.yourbrand.com, charity.yourbrand.com.\n\nIn other words, you can grow your business and SEO almost without limit. All for the cost of one SSL Certificate which keeps your website customers secured.\n<h2>Credit Card Protection<\/h2>\nMost people these days have at least one credit card so they can spread out their online shopping costs. The Payment Card Industry Data Security Standard (PCI DSS) ensures people are protected by only allowing websites to take credit card payments from major brands if they\u2019re PCI compliant. HTTPS or SSL Certificates are one of the compliance regulations.\n<h3>Website Validation Explained<\/h3>\nAnother way that HTTPS or SSL Certificates let people know they\u2019re protected on your website is identity authentication, known as validation. There are three main types of SSL Certificate, depending on the validation checks that the Certificate Authority (CA) carries out to verify the identity of a website.\n<ul>\n \t<li>With Domain Validation (DV), the CA checks who owns the website domain. This protects people by ensuring that the website is properly registered and not some kind of scam. It only takes a few minutes for this check, so when SSL providers boast about super fast issuance, they\u2019re talking about this one. It\u2019s the most basic.<\/li>\n \t<li>Organization Validation (OV) lets people know both the website and the company are legit. The CA checks to make sure that the company who owns the site is officially registered (like Inc. in America or LLC. in the UK). It can take up to three days.<\/li>\n \t<li>With Extended Validation (EV), the CA checks the site domain, the official registration of the company, and the company listing in a public resource to show they\u2019re strongly established. This takes around 7 to 10 days.<\/li>\n<\/ul>\nWhen issuing an SSL, the Certificate Authority will provide a <a href=\"https:\/\/www.ssls.com\/knowledgebase\/what-is-a-site-seal\/\">site seal<\/a> to confirm your website has been validated. People can also check the validation level of your site in their browsers. These days, each browser has its own way of doing things, but the unchanging starting point people can use to find this info is by clicking on the padlock icon next to the HTTPS.\n\nValidation is almost as big a deal as encryption, because it gives website visitors the peace of mind in knowing they\u2019re dealing with a legitimate business. A survey by GlobalSign a couple of years back found that 85% of web users said they wouldn\u2019t buy through a website where they weren\u2019t certain their data was being transferred securely. By 2019, people are even more aware of the importance of online security.\n<h3>Take Away<\/h3>\nHTTPS or SSL encryption makes sure that the information given by your website visitors is kept safely private from criminal hackers and other shady characters. When people see the HTTPS and padlock icon in their browsers, they know their data is protected, their credit card details are safe on a PCI compliant site, and they\u2019re dealing with an authenticated business. If you have a Wildcard SSL, under one umbrella you can also keep your customers safe no matter what subdomain of yours they\u2019re on.","protected":false},"excerpt":{"rendered":"<p>HTTPS means the same thing as SSL. The full tech terms are quite a mouthful: Hypertext Transfer Protocol Secure, and Secure Socket Layer. But what it all adds up to is encryption protection. All encrypted websites have the \u2018https:\/\/\u2019 and padlock icon in most browsers. If you only see \u2018http:\/\/\u2019, it means the connection between [&hellip;]<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1104","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/1104","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/comments?post=1104"}],"version-history":[{"count":3,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/1104\/revisions"}],"predecessor-version":[{"id":1514,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/1104\/revisions\/1514"}],"wp:attachment":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/media?parent=1104"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/categories?post=1104"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/tags?post=1104"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}