Blog

03 Sep 18

Buying a SSL Certificate And Keeping Your Customers Free From Worry

Julian Chan | Web Development

Your website is your online salesman. You rely on it to give customers the best impression, give your brand authority and showcase a trustworthy service. In the good old days, if you had a great service, good photography and compelling words, there was really no reason for your website not to win over your customers and deliver the goods…until now.

What are the dangers of not having a secure website?

In a transition from bricks-and-mortar businesses, many businesses have recognised the merit of online, with online sales making up 9.1% of retail currently. What follows positive digital innovation as eagerly as trusting customers are the negative crowd of ill-intentioned hackers, dodgy servers, bank fraud and data exfiltration. You’re not here to steal your client’s money, bank details or personal information but hackers can do so, through you. 

When a person, say Ashley tries to engage an online service or purchase a product, a few things happen. Their internet browser ( Internet Explorer, Firefox, Chrome, Safari) opens up a connection pathway to locate and talk to the server (where your website is hosted). As these servers are spread through diverse geographical points, this pathway of information is transmitted through a network of devices (routers, backbones, dedicated lines).

Taken to a seemingly straightforward form, Ashley plugs in her personal information and her bank details. Confidently hitting the ‘Enter’ key, she projects her details  innocently into cyberspace. Now, as these details are travelling through the connection pathway, it might also pass through servers that aren’t secure and can be hacked into, giving them access to Ashley’s bank and personal details.

Damage control following a break-in to sensitive data is costly and unprofessional, as experienced by eBay when their database was hacked into, prompting a site-wide alarm bell for their users. With a statistics report from ‘State of the Net’ exposing that phishing alone is costing companies $2.1 billion in damages, spyware costing $1.7 billion and viruses costing $3.3 billion, one can see why prevention is key to save on these costs.

 

Diagram showing a connection between browser and server that is not secure

 

How does SSL keep your customers and your business safe?

SSL Certificates are here for us to be proactive and look after Ashley and our other customers, to ensure that personal or banking details remain personal and private. Setting up an SSL Certificate for your website is essentially setting up a secure system that protects these connection pathways with a virtual key and padlock, so that the information sent back and forth is encrypted (scrambled) and only decoded with the correct key.

How will this affect my website?

As custodians of the Internet, Google launched Chrome 68 in July 2018, an update that enforces online security and universal encryption. If you have an SSL Certificate for your website, users are notified and reassured with either an alluring green “Secure” message, green padlock or glowing green bar.

In a push to create a safer virtual space that protects users from dodgy servers and hackers with bad intentions, Google alerts users when a website doesn’t have a SSL Certificate, displaying a ‘Not Secure” announcement. Sometimes, Google even goes an extra mile and warns the user with a “Not Secure” entry screen, with a ‘Proceed at your own caution’ screen, which usually results in a lot of bounces (users exiting the screen).

Top 3 facts about how the lack SSL Certificates affect user behaviour

  • 91% of internet users have received a “security alert” pop up message while browsing
  • 41% of these 91% continue on the site, trusting that the website is secure
  • 43% of these 91% are deterred and immediately leave the site

It is our responsibility to keep these 41% of users’ information safe and to instil confidence in the other 43% to increase conversion rates.

What is the process of installing an SSL Certificate?

It’s definitely not as simple as adding the letter S to the beginning of your URL. In fact this is potentially the worst thing you can do; claiming your website is secure when it isn’t causes Google to raise a red flag for the user, through displaying an uneasy ‘Not Secure’ message. Buying a virtual security system for your website is well-regulated process that relies on each step to be fulfilled before moving onto the next; think of it as passing a mini-boss in a game to make it to the next level.

Whilst this is something you can leave in the hands of our developers, we don’t mind sharing a bit of that expert knowledge, our heart is to share and empower. So we’ve digested the meticulous process, into 3 bite-size digestible steps:

Step 1: You create a custom key on the server, one that in essence is virtually stamped with your company ID, let’s say in this case ‘Company X’. This virtual key requires a lock to be fitted and so naturally we proceed to send it off to the SSL Company, aka the Internet’s locksmith.

Step 2: The SSL Company sets about a verification process to ensure that virtual key really does belong to your company and that you do own Company X. You wouldn’t want any Tom, Dick or Harry off the street claiming they own Company X and getting away with it! While the length of this process can vary depending on how many valid points of Proof of Ownership you own, the end aim is for the SSL Company to give you a thumbs up.

Step 3: Upon receiving the nod of approval, it’s pretty straightforward from here on out. The virtual lock is created and sent to you. The developer does their magic through installing the set of locks provided and doing some code updates throughout the database. And voila, there you have it, a website with a virtual lock and key, a ‘Security Certificate’ and the addition of that vital letter ‘s’ successfully added to your URL.

 

Diagram showing a connection between browser and server that is secure

 

What are the Costs?

The costs varies depending on the kind of business and service you provide online, a cheaper SSL Certificate may suit your needs if you’re a simple information site whereas an e-commerce website might require a more comprehensive one. There are various SSL Certificate providers for you to consider and purchase your SSL Certificate from. The process of installation and verification can be completed via reputable web development companies.

How can we help?

Our developers are on hand if you have any questions regarding the SSL Certificate Installation Service. Give us a call today on 03 9912 6403, if you would like to discuss obtaining a website security certificate; we can analyse what you need, organise and fit the locks on your website to help your website start performing and converting better in line with Google’s changes.