SSL (Secure Socket Layer) is a security protocol used to create a secure link between a web server and web browser, protecting users when they submit sensitive information such as credit card numbers or login credentials over the public Internet.
With the increasing threat of hackers, SSL security provides a crucial layer of online protection, allowing organizations to offer customers a safe, secure online experience.
For websites to be protected by SSL, they need a certificate which is issued by a certification authority. This certification comes as a small data file which digitally attaches a domain name, server name or host name to an organization's name and a public cryptographic key.
It is the presence of a valid SSL certificate—which is recognized as such by the user's web browser—that enables identity assurance and the establishment of a secure connection.
By helping ensure that information security is not compromised in online transactions, SSL security plays a substantial role in achieving security compliance—particularly for organizations involved in processing sensitive information such as card payment data or personal health data.
In more recent years, Transport Layer Security (TLS) has been used as well as SSL, the former having been invented in 1999 as a follow up to SSL, which was first created in 1995. Both SSL and TLS use strong encryption and authentication techniques which are always evolving to face more sophisticated threats. They are layered between the application protocol layer and the TCP/IP layer, which sends application data to the transport layer.
Users are authenticated using the SSL protocol layer’s “Handshake Protocol” and “Record Protocol.” When uses are engaged in a secure session, these protocols use an X.509 certificate, or SSL certificate, to authenticate the identity of the certificate owner.
SSL certificates are essential for protecting the identity of your users, as well as other sensitive information such as their transaction details. They ensure that all information is passed over a secure connection, preventing hackers from gaining access to their data and potentially stealing a user’s identity or payment details.
SSL is also becoming more important for SEO. In 2014, world renowned search engines announced that SSL certificates would make up part of the search engine ranking algorithm, with the move taking full effect in 2018. Users are now warned if a website is not secure, which could potentially prevent sales and damage an enterprise’s reputation.
Because we understand the importance of SSL security to you and your customers, Akamai delivers SSL-secured content over a dedicated portion of our globally-distributed network:
PCI regulations, otherwise known as the Payment Card Industry Data Security Standard, is a set of security standards that ensures that all companies who handle payment card information, including accepting, processing, storing or transferring, maintain a secure environment. It was launched in 2006 and has since been endorsed by multiple worldwide payment card brands.