SSL, also known as Secure Sockets Layer or Transport Layer Security (TLS), is a protocol that provides a secure communication channel for two programs. This creates endpoints for communication called “sockets” to affect connections. A part of the process can be compared to TCP, but the encryption capabilities present in SSL are greater than those of TCP. Created by Netscape, communication and data privacy is ensured because encryption technology is capable of verifying the identity of the parties involved in the communication. SSL is important when it comes to an entire server, which requires transmitting sensitive information on a website. The encrypted connection is created between the web server and the web browser, preventing potential points of data manipulation, identity theft, fraud, and espionage.
To identify the security and privacy of communication, SSL encryption is identified by the presence of a padlock icon in web browsers or the green address bar. To enable SSL on websites, SSL certificates must be obtained by purchasing them from the certificate authority. The purchase of ssl certificates should only be done through a trusted and reputable authority. Once the requirements are met, the public and private keys can be used to decrypt the message, depending on the nature of the keys used to encrypt a message. In any case, a public key encrypted message can only be decrypted using a public key or vice versa. The SSL certificate is issued with a public key.
SSL Handshake will verify the authenticity of the server’s certificate. If the certificate is authentic, encrypted application data can be sent. Basically, the above discussion shows the advantages of SSL.
However, one of the disadvantages of the SSL certificate is that the communication flow is slower than without SSL. The SSL handshake process gives each communicator additional jobs. The site works slowly because nothing is cached. All images, style sheets and scripts will be reloaded for each new page. This can be a disadvantage for both the server and the client. However, the process is necessary to allow visitors to come and go. To lessen the effect, a simpler web design will help a lot.
Another fact to take into account is the study carried out by Ethical Hackers. They already talked and discovered that the use of SSL does not give a 100% guarantee of privacy and security. According to his research, 30 percent of SSL sites are not secure.
However, using SSL will build trust between clients. It should be noted that customers, especially those who use the online payment method, feel safer to make their payment if they are guaranteed not to divulge their personal and banking details.
