Definition of a Secure Website
Surfing the Internet is an everyday occurrence for many individuals. Internet safety is an important issue, whether one is surfing for fun and amusement, to conduct personal business or to make a living. Secure websites offer one form of protection while computer users are online.
What Is a Secure Website?
A secure website uses authentication and encryption to protect interactions and transactions conducted through the Web. The most common security protocol is Secure Sockets Layer, or SSL. SSL protects hypertext (HTTP) transactions as well as IMAP mail and LDAP directory access. When a user connects to a secure website, the server's identity is verified through a third party that has registered and identified the server. SSL can also authenticate other connecting computers and their users.
Encryption
Transactions conducted through a secure website are encrypted, or disguised, to protect confidential data such as credit card numbers from outside interception or misuse. Nearly all browsers currently in use accept SSL certificates from established certificate authorities by default. Users are also informed when they enter or leave a secure website.
Authentication
A certificate authority (CA) is an independent, third-party organization that issues digital certificates of authority. A certificate of authority is a form of verification that guarantees that the identity of the certificate holder is genuine. The certificate can contain information such as the owner's name, public key and expiration date of the certificate, depending on the security system of the network involved. The best-known certificate authorities are VeriSign and Thawte.
Indicators of a Secure Website
The address bar shows the URL of the website presently loaded in the browser screen. For most websites, the URL begins with "http." For secure websites, the URL in the address bar begins with "https." Also, for secure websites, an icon of a closed padlock will appear somewhere on the browser window. Clicking on the lock icon will reveal the details of the site's security certificate. Many owners of secure sites also have a prominent display of a certificate seal on their websites. Users should be able to obtain certificate information by clicking on the site seal or hovering over it with a cursor.
Considerations
Sometimes users attempting to access a secured website will receive a message that the site's security certificate does not match the server, that the certificate has expired or that the certificate authority is not recognized. In many instances, the website is actually valid, but the error is due to a simple server misconfiguration or because the user has an outdated browser on his computer.
However, this can also be a sign that the certificate has been stolen and that the website is in fact not secure. In such cases, users should double-check the website by contacting the certifying authority. If there is no contact information available, this is a fairly reliable sign that the certificate is not legitimate.
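The three warnings described above correspond to separate checks, shown here as an added Python example that is not part of the original article. The function names and the sample certificate are constructed for illustration; the wildcard handling goes slightly beyond the text, and `diagnose` needs network access while `certificate_problems` runs offline.

```python
import socket
import ssl
import time

# OpenSSL verify codes behind the three warnings: expired, wrong name, unknown issuer.
VERIFY_CODES = {10: "expired", 62: "name_mismatch",
                18: "untrusted_issuer", 19: "untrusted_issuer", 20: "untrusted_issuer"}

def hostname_matches(pattern, hostname):
    """Match one certificate DNS name; '*' may stand only for the whole left-most label."""
    p = pattern.lower().split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def certificate_problems(cert, hostname, now=None):
    """Check a certificate dict (the shape SSLSocket.getpeercert() returns)."""
    now = time.time() if now is None else now
    problems = []
    names = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not any(hostname_matches(name, hostname) for name in names):
        problems.append("name_mismatch")
    if now < ssl.cert_time_to_seconds(cert["notBefore"]):
        problems.append("not_yet_valid")
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        problems.append("expired")
    return problems

def diagnose(hostname, port=443, timeout=5):
    """Handshake against the system trust store; name the failed check, if any."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((hostname, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=hostname):
                return []
    except ssl.SSLCertVerificationError as err:
        return [VERIFY_CODES.get(err.verify_code, err.verify_message)]

# Constructed sample certificate, not taken from a real site.
SAMPLE_CERT = {
    "subjectAltName": (("DNS", "www.example.com"), ("DNS", "*.example.org")),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2025 GMT",
}
```

An empty list means the certificate passed every check; an untrusted issuer can only be detected during the live handshake in `diagnose`, because that check depends on the client's trust store.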