SSL Certificates: Do I Need Security on my Website?

There has been a lot of talk about SSL and the security it provides lately. Many clients are coming to me for SEO and asking if they need this but they don’t really understand what the purpose of an SSL certificate is. I would like to clear up some misconceptions. Not everyone needs the added expense of SSL – just yet, at least.

What Is SSL?

SSL stands for “secure socket layer” and it is just one of many security measures that can be taken to protect personal information from being intercepted by someone who should not have access to it.

Perhaps this is better explained by a real world situation:

Let’s say you have a shopping cart built in on your website and you are allowing your customers to pay by credit card online. In order for that transaction to occur, a number of steps have to happen for the money to get to you.

First, in their web browser, the customer enters their personal information, including their address and credit card numbers.

Then, that information is sent by your customer’s web browser, to a third party called a payment processor, who handles alerting the credit card company of the charge.

Once they are alerted of the charge, the credit card company contacts your bank and eventually gets the money over to you.

This is of course, the most simplified explanation of the process of a credit card transaction, but there is really only thing that you, the merchant, need to worry about, and that is: is my customer’s information safe?

You can’t do anything about their information once it has reached the credit card processor and bank, and those systems are decently secure. But you CAN help safeguard the customer’s information on your website and when it is being moved between.

SSL is a like an armored guard for information that is in the process of being transmitted between two different locations.

The SSL certificate ensures that your customer’s credit card, address, name, etc, is escorted over to the payment processor without being kidnapped by a bad guy. It does this by taking a regular bit of text and disguising it with a system that is very complicated.

For example, a “hello” input onto your site, might be transmitted as looking something unreadable – like “290hioufgdasjl1380fgsjk32u904u3i2h@h3lw.”

Do I need SSL?

This depends upon your situation. If you have a self hosted web store, you absolutely must have one. If you are using a PayPal button, and your clients/customers are paying ON paypal’s website, you don’t need it. Talk to a web expert if there is any question!

Does SSL protect me against hacking?

Absolutely not. The purpose of SSL certificates are to protect the information that is passed from your website to another website.

Hacking can be caused by many factors, such as server setup/bad hosting, WordPress not being properly updated, plugins being out of date, bad passwords, etc.

Talk to a web developer or server expert if you are worried about your website being hacked. While there is no way to 100% prevent your website from being hacked, a web expert will be able to help you make sure that your site is protected the best it can be.

Does SSL help my SEO?

Having an SSL certificate at the moment does not really change your location on the search engine, but it might in the future.

Because SSL changes your website URLs, the process of adding one when you have already done a lot of SEO on your website should be done carefully by an SEO expert.

If you are a new site, this won’t matter as much.

General Consensus

If you don’t sell anything directly on your website and you aren’t taking personal information, you don’t really need one, but it’s good to know about it for the future.