SSL is a security protocol used for exchanging sensitive information between a website and a client. It authenticates the server’s identity, encrypts information, and can authenticate the client. However, SSL cannot guarantee continued security once information reaches the server, so it’s important to read a site’s privacy policy.
SSL or Secure Sockets Layer is a security protocol created by Netscape that has become an international standard on the Internet for exchanging sensitive information between a website and the computer that communicates with it, called a client.
SSL technology is built into all popular browsers and is automatically activated when the user connects to an SSL-enabled web server. It’s easy to tell when a server is using SSL security because the address in your browser’s URL window will start with https. The “s” indicates a secure connection.
When your browser connects to an SSL server, it automatically requests the server for a digital authority certificate (CA). This digital certificate positively authenticates the server’s identity to ensure you won’t be sending sensitive data to a hacker or imposter site. The browser also makes sure that the domain name matches the name on the CA and that the CA was generated by a trusted authority and bears a valid digital signature. Hopefully you won’t even notice this handshake took place.
However, if there is a problem with the CA, even if it is simply outdated, your browser will pop up a window informing you of the exact problem you are having, allowing you to terminate your session or continue at your own risk.
Once the handshake is complete, your browser will automatically encrypt any information you submit to the site, before it leaves your computer. Encrypted information is unreadable during travel. Once the information arrives at the secure server, it is decrypted using a secret key. If the server sends information back to you, that information is also encrypted at the server end before being sent. Your browser will automatically decrypt it upon arrival, then display it normally.
For those who manage a secure server it is also possible to authenticate the client connecting to the server to ensure, for example, that the person does not pretend to be someone who has been granted limited access. Another feature of SSL technology is the ability to authenticate data so that an intercessor cannot substitute another transmission for the actual transmission without being detected.
While SSL makes the exchange of sensitive information online secure, it cannot guarantee that the information will continue to be kept secure once it arrives safely at the server. To ensure that sensitive information is handled properly once received, you should read the site’s privacy policy. It does no good entrusting your personal data to SSL, if the people who ultimately have it are going to share it with third parties or keep it on servers that aren’t bound by restricted access and other security protocols. Therefore it is always advisable to read the privacy policy of any site, which includes security measures, before voluntarily providing your personal information online.
Protect your devices with Threat Protection by NordVPN
