By Simon Wright
When consumers buy from websites, they want to know that their transactions are secure. Any security breaches will drive customers away, so it’s vital that companies ensure that their checkout processes are robust and secure.
What is SSL encryption?
When sensitive information, such as credit or debit card details, is transmitted over the Internet, it’s essential that outside parties aren’t able to intercept the packets of data to use for malicious purposes. The solution to this problem is to encrypt the data.
The simplest way to think of encryption is if you imagine being sent a spreadsheet that you need to enter a password to open. By knowing the password, you have the key to unlock the information contained within the document. Others without the password would just be able to see that it’s a spreadsheet but would have no way of accessing the content.
SSL encryption stands for Secure Sockets Layer encryption and is the name given to a standard of sophisticated encryption that is regularly used by the military, by banks, and by a host of ecommerce entities. Without getting into a detailed technical explanation, SSL encryption scrambles the data being transferred (using a public key) and only those who have the private key can unlock and decipher it.
What level of SSL encryption is necessary?
128-bit encryption is recommended for sensitive data exchanges, such as credit card payments.
Companies that sell SSL Certificates do also now offer 256-bit encryption. However, this will typically be more expensive and requires both the Web server and client browser to support this enhanced level of support.
In general, the industry standard 128-bit encryption is more than sufficient to reassure both you and your customers that your checkout process is secure. It’s also the encryption level used by banks to safeguard their Internet banking services.
The importance of robust pre-launch testing:
After purchasing an SSL certificate and integrating it into your Web site’s checkout process, it’s vital to test it and confirm that the end-to-end process is working correctly. System Testing and User Acceptance ideally you'll be able to test in a staging environment and ensure that purchases can be completed without compromising sensitive customer data.
Keeping your security up to date:
SSL certificates possess expiry dates, so it’s important to renew the certificate in good time to ensure the continued protection of your Web site. This will mean that customers can continue to have confidence in your Web site and that criminals can’t get their hands on the precious payment data!
About the Author:
Simon Wright works as Mobile Delivery Manager for Royal Bank of Scotland and has extensive experience across ecommerce and Mcommerce including the launch and promotion of websites.