Secure Sockets Layer (SSL) is a security technology which establishes an encrypted link between a server (e.g. website) and a client (e.g. browser). It allows sensitive information and login details to be transmitted securely over the Internet. SSL is a security protocol that determines variables of the encryption for the link and the data transmitted. It protects people’s data, especially when sending confidential information and doing online transactions such as online purchases and banking.
Recently, Symantec Corporation announced that a new technology which upgraded the security provided by SSL Certificates. Using multiple algorithms including Elliptic Curve Cryptography (ECC) and Digital Signature Algorithm (DCA), the new SSL Certificate beats the traditional approach and is also 10,000 times more difficult to break in.
Symantec said speed is increasingly important after the National Institute of Standards and Technology (NIST) required the websites to be migrated from RSA 1024-bit to 2048-bit as a precaution since longer cryptography is hard to break. Symantec has discovered that the ECC provides better performance and response time for server-to-desktop compared to RSA certificate since the latter handles 450 per second with a response time of 150 milliseconds to the desktop while ECC does it in 75 milliseconds. The company has claimed it now offers a 256-bit ECC certificates which provides as much security as that provided by a 3072-bit RSA certificate.
Benefits of SSL
• Encryption. The primary benefit of an SSL is security. Sensitive and confidential information transmitted across the Internet is encrypted so only the intended recipient can understand it. Encrypting information is vital since it is transmitted from several computers before reaching its destination server. SSL prevents other computers from seeing sensitive information such as your social security number, usernames and passwords, or credit card numbers.
• Authentication. SSL Certificates provide authentication. This ensures that information being transmitted is sent to the right server. Fake websites could trick your users to send personal information to them, instead of your server and you can avoid this by getting an SSL certificate from a trusted SSL provider and by using a proper Public Key Infrastructure (PKI). Trusted SSL providers only issue an SSL certificate if the company has been verified and has gone through and passed identity checks.
• Gain Customers’ Trust. Customers will likely purchase a product or avail service from a secure website. A secure website displays a lock icon or a green address bar to let the user know that the connection is secure. SSL providers also give a trust seal that boosts confidence and trust in visitors. Creating a trusted environment gives prospective customers confidence in doing business with you.
• Protection from Phishing. There are people who attempt to acquire sensitive information by tricking the recipient. These criminals won’t be able to masquerade as your site since it is difficult for them to get an SSL certificate. Users are less likely to fall victim for a phishing attack because they will be looking for visual cues in their browser.