SSL Certificates Explained

SSL

The fact that the world is becoming more interconnected every day, one is likely to question why there haven’t been more virus attacks and large-scale occurrences of hacking taking place. It seems logical, right? The more of the world there is to hack, the more frequent hacking should be taking place. But no, and there is an elegant and brilliant little system at work – and has been working for many years, right under your nose. It is called Secure Sockets Layer, or SSL.

 

So, What is SSL?

SSL is a lightweight system of checks and balances that help in two key areas of online activity. Firstly, with securing the information exchanged in the session. Secondly, by maintaining a level of trust in the holder of the SSL certificate. This may seem a little complex at the moment, but it comes down to ensuring that the computer is speaking to the correct server, through a private connection that, even if someone tried to listen in, wouldn’t understand what is being said. Nifty, hey?

 

How it works, in Simple Terms

Like you, a human would, when meeting someone new, you shake their hand when you greet them. A similar process happens when SSL is being verified. Without going into too much of the technical details and how this verification step works. Let us use the image of a ‘Digital Handshake’ as the best way to describe the interaction. Computer sends request to Server. Server and Computer exchange a set of public and private keys in order to set up the relationship. If everything checks out, they signal to eachother that from that point forward all communication will be encrypted. Done. It seems simple when summarised like that, but in reality this is an immensely efficient process. It takes mere seconds to happen and is still one of the best safeguards against hacking etc. to date. What makes it especially powerful is that it takes only a moment to initiate, and after that, any information intercepted between the two parties, will look like complete gibberish. Because the information being traded is locked with a 128-bit encryption, which, if you read our article about Password Strength, you would know, is no joke.

 

How does one obtain such a Certificate?

Well, you don’t really need one. There is no requirement or law dictating that you need SSL on your site. However, modern browsers will obstruct immediate access to any site without an SSL Certificate, until the user instructs it to proceed. You can code your own SSL checking code if you wanted to, and it will work. The only problem would be that yours will not be as trusted as those generated by an accredited company, or Certificate Authority. To get the absolute best SSL Certificate possible, the company in question needs to apply to a CA to get one. Depending on the type of SSL the company wants, the CA will do the necessary checks to vet the company. If all comes out squeeky clean, then the company gets its Certificate. Like applying for a Passport. The more intensive the investigation by the CA the higher the certification and trust. But, also, the higher the price. SSL Certificates from a tip CA will not be cheap. But it affords near immediate trust in the eyes of browsers. Meaning no warnings when users are entering any sensitive information, like banking details.

 

Any reasons connected to SEO?

Predictably, we bring this topic back around to SEO, and for good reason. Understandably, Search Engines have adopted the mentality that any aspect of an online platform that has to be purchased, it a positive indicator of authenticity. And rightly so, if you were trying to hack your way to making millions, chances are that you already don’t have much of a budget to begin with and thus, won’t want to put any of your precious funds at risk. And fortunately, SSL is one of the best Ranking Factors out there. Because its easy to get and install, SSL is an immediate SEO bump that keeps paying for itself. The longer you have it, the better you perform. From a Search Engine’s perspective, consider the view. You have paid for an SSL Certificate, which keeps everyone’s information safe, which is very considerate of your users. You get a positive rank.

 

Conclusion

In today’s world where information is more readily available than every before in history, it makes sense that one of the last remaining ways to verify the authenticity of someone’s online dealings, is by looking at how much they spend on it. Its not great for your wallet, but some of these features really do make you stand out. If you choose not to, that it also okay – but don’t expect the Search Engines to be compassionate when you end up on their 3rd page (which exists even less than the 2nd page – which doesn’t exist at all!)

 

Source 1, Source 2, Source 3