An SSL certificate is a digital certificate that authenticates the identity of a Web site and encrypts information sent to the server using Secure Sockets Layer (SSL) technology. Encryption is the process of scrambling data into an undecipherable format that can only be returned to a readable format with the proper decryption key.

A certificate serves as an electronic “passport” that establishes an online entity’s credentials when doing business on the Web. When an Internet user attempts to send confidential information to a Web server, the user’s browser accesses the server’s digital certificate and establishes a secure connection.

An SSL certificate contains the following information:

• The certificate holder’s name
• The certificate’s serial number and expiration date
• A copy of the certificate holder’s public key
• The digital signature of the certificate-issuing authority

How does an SSL certificate work?

An SSL certificate ensures safe, easy, and convenient Internet shopping. Once an Internet user enters a secure area — by entering credit card information, email address, or other personal data, for example — the shopping site’s SSL certificate enables the browser and Web server to build a secure, encrypted connection. The SSL “handshake” process, which establishes the secure session, takes place discreetly behind the scene without interrupting the consumer’s shopping experience. A “padlock” icon in the browser’s status bar and the “https://” prefix in the URL are the only visible indications of a secure session in progress.

By contrast, if a user attempts to submit personal information to an unsecured Web site (i.e., a site that is not protected with a valid SSL certificate), the browser’s built-in security mechanism triggers a warning to the user, reminding him/her that the site is not secure and that sensitive data might be intercepted by third parties. Faced with such a warning, most Internet users will likely look elsewhere to make a purchase.