Secure Sockets Layer = E-commerce Security

By: InfoSecurityLab

It is not so hard to make a webpage, find something to sell and start making e-commerce! These days it is really easy, but much harder is to find customers and get their trust, because any business plan, even the most perfect, can totally fail without trust.

How to get this trust? How make webpage safe? How to know, that a webpage is dependable? That you can find out in this article!

How SSL works?!

SSL encrypts data, like credit cards numbers (as well other personally identifiable information), which prevents the hackers or identity thiefs from stealing your information for malicious intent. SSL encrypts data, like credit cards numbers (as well other personally identifiable information), which prevents the hackers or identity thiefs from stealing your information for malicious intent.

There are 5 steps, who describe SSL encryption:

1. A customer contacts your site and accesses a secured URL: a page secured by a Server ID (indicated by a URL that begins with "https:" instead of just "http:" or by a message from the browser).

2. Your server responds, automatically sending the customer your site's digital certificate, which authenticates your site.

3. Your customer's Web browser generates a unique "session key" (like a code) to encrypt all communications with the site.

4. The user's browser encrypts the session key with the your site's public key so only your site can read the session key. Depending on the browser, the user may see a key icon becoming whole or a padlock closing, indicating that the session is secure.

5. A secure session is now established--all communications will be encrypted and can only be decrypted by the two parties in the session. It all takes only seconds and requires no action by the user.(support.acmeinternet.com)

What is site digital certificate?

A digital certificate is an electronic file that uniquely identifies individuals and servers. Digital certificates serve as a kind of digital passport or credential which authenticate the server prior to the SSL session being established.

A digital certificate contains an entity's name, address, serial number, public key, expiration date and digital signature, among other information. When a Web browser like Firefox, Netscape or Internet Explorer makes a secure connection, the digital certificate is automatically turned over for review. The browser checks it for anomalies or problems, and pops up an alert if any are found. When digital certificates are in order, the browser completes secure connections without interruption. A digital certificate is an electronic file that uniquely identifies individuals and servers. Digital certificates serve as a kind of digital passport or credential which authenticate the server prior to the SSL session being established. A digital certificate contains an entity's name, address, serial number, public key, expiration date and digital signature, among other information. When a

Web browser like Firefox, Netscape or Internet Explorer makes a secure connection, the digital certificate is automatically turned over for review. The browser checks it for anomalies or problems, and pops up an alert if any are found. When digital certificates are in order, the browser completes secure connections without interruption. Typically, digital certificates are signed by an independent and trusted third party to ensure their validity. The "signer" of a certificate is known as a Certification Authority (CA).

How to known, that this webpage is dependable?

You know that you're on an SSL protected page when the address begins with "https" instead of "http" and there is a padlock icon at the bottom of the page (and in the case of Mozilla Firefox in the address bar as well). You know that you're on an SSL protected page when the address begins with "https" instead of "http" and there is a padlock icon at the bottom of the page (and in the case of Mozilla Firefox in the address bar as well).

SSL is just one of the ways how to make web page safer, but for now it is the most popular! Also hackers didn't sleep and all the time try to find ways how to pass round this system and get data.To get the newest information about information security awareness there is special training courses. So better be ready!

Article source: infosecuritylab

Security
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 

» More on Security