UNDERSTANDING SSL
In the
fast approaching technological environment, privacy and online security is a
major threat. Whether you are an individual, a business man, a shopkeeper, a
bank or a corporate, you always pay extra attention towards physical security as
it is a major concern for everybody. The same approach is necessary for online
security which will give one a sense of security while sharing private and
sensitive information over internet.
In recent
years Internet users has crossed the 100 million mark in India. Internet has
been used not only accessing information, but also for buying goods and
services and paying utilities bills. We have witnessed many instances of credit
card frauds and hackers hacking the banking sites. After seeing the instances,
many Internet users hesitate sharing their credit card information over
internet when they get the offer online.
In
order to provide safer experience over online security, most of the e-commerce
sites and banks have integrated SSL (Secure Socket layer) which establishes
encrypted connection between two sites, ensuring complete security of your
valuable data.
What is SSL (Secure Socket Layer)-SSL stands for Secure Socket Layer which establishes a secure encrypted connection between visitor’s website with your webpage, so that whatever information is being transmitted is secure between two nodes. SSL has been integrated by most of the sites including Facebook, Gmail, Billdesk, Citibank, eBay and all the financial institutions for providing secured distribution of information such as payment details, emails and other form of information. SSL creates a private and safe channel for you to communicate.
What
is SSL Certificate?
SSL
Certificate is a digital computer file or computer code that ensures
authenticity and integrity of information distributed between two parties over
internet. Two parties could be a buyer and seller or a client and a bank.
Authenticity
and Verification:-The
SSL certificate has the information about the authentic details regarding the
identity of the person, nature of the business or website which will display to
visitors on your website. This technique will give the visitors a sense of
security that they are in the right site where they wish to log on.
Data Encryption:-The SSL certificate also enables encryption, which means any data exchanged via website cannot be intercepted and read by anyone other than the authentic recipient.
Data Encryption:-The SSL certificate also enables encryption, which means any data exchanged via website cannot be intercepted and read by anyone other than the authentic recipient.
The
popular SSL certificate providers are VeriSign, GoDaddy, Comodo and Digicert.
The most popular SSL certificate provider is VeriSign. VeriSign has started
issuing SSL certificate in 1995. This is now being acquired by Symantec in August
2010. Any sites who wish to provide secured transaction, they need to buy SSL
certificate from them.
All
Symantec SSL Certificates include the Norton Secured Seal, the most trusted
mark on the Internet, Symantec Seal-in-Search, and daily website malware
scanning so that you can offer customer peace of mind at all points of their
online experience.
SSL
certificate protects the identity and verifies the visitor’s sites thus
ensuring safer transaction and trust between the buyer and seller.
How
SSL Works?
Encryption:
- Information is “scrambled” or transformed in some coded text before sending
the data over internet by website, so that it cannot be understood by anyone
other than the intended person.
Decryption: - “Un-scrambling”, that means
transforming the encrypted/coded text information in its original format.
Keys: - A
mathematical formula, or algorithm that is used to encrypt and decrypt
information before sending over internet. Each session consist of two keys,
that are public and private keys.
•
The
public key is used to encrypt the information
•
The
private key is used to decrypt the information
Browser: -
The SSL certificate must be integrated with your browser, such as Internet
Explorer, Mozilla Firefox, Apple Safari and Google Chrome. SSL certificate is
capable of supporting 128 bit or 256 bit encryption, but certain older browser
cannot connect at this level of security. It is advisable that you must upgrade
your browser to the latest one for more security and safety.
How to know that a site is running a
valid SSL Certificate?
1. The address of the website without
SSL security will display on browser as “Http”//”
in the browser address bar. For example if one wish to do shopping online
through ebay site, the address of website will display as “http://www.ebay.in/.
2. That
means SSL security for browsing is not enabled and is open for anyone.
3. The
moment one wishes to buy anything and select the option, “Buy this”, and the address of website must be
converted to “Https://”, which means that website has the
validated SSL Certificate. Also it ensures that your information is secured
with the vendor’s server.
For
example, on eBay site, if one has selected any product to buy, the address
should be converted to “https://signin.ebay.in/” and address bar of browser will
turn green.
4. Apart from this, you will also
notice the trust mark on the website, which ensures the authenticity of the
website.