Sales Layer Blog

Guide to Online Security Certificates | Sales Layer

Written by Alma Muñoz | Jun 11, 2020 7:15:00 AM

What is an online security certificate?

Online security certificates serve as official proof that a web page meets the necessary requirements to guarantee the security and privacy of user data.

Certificates offer protection and encryption services for web pages in addition to carrying out audits to verify that these sites are complying with the minimum security requirements.

 

 

It’s very easy to identify whether a web page is equipped with the appropriate levels of security: if the URL starts with “https,” this means the site is properly secured. This is why so many pages with URLs labelled “not secure” inspire distrust, causing them to lose both visitors and potential customers, in the case of online stores.

An ecommerce website can be equipped with more than one quality certificate, given that not all certificates include the same services and guarantees. It is also possible to sign up for a multi-domain certificate if you have several different web pages.

Depending on the level of security you want to offer and the operations that are going to be carried out on your website, you can decide which certificate or certificates to get.

Related: additional strategies for retaining customers and building confidence

 

An example of trust seal by Geotrust

 

The risks of not adding a certificate to your store

You will not be complying with current government regulations, among other problems:

  • Your web ranking goes down since pages without a certificate are rated lower by Google.
  • You put your customers’ data at risk, since it is easier to steal banking and personal data from a website that does not have a certificate.
  • You do not inspire confidence in online users, who expect to find recognizable trust seals on any website they visit, especially those selling products.
  • You lose a large stream of potential customers, who will not return to a website without certificates.
  • You see a lower average spending per online order, since without guarantees of trust, buyers dare not make large purchases.

Types of quality certificates for online stores

SSL (Secure Sockets Layer) Certificates

This is the most common and well-known type of certificate, representing an authentic and essential security measure for any ecommerce business.

SSLs encrypt the information shared between the user and the web page, making the shopping experience totally secure.

There are 3 types of SSL certificates:

  • Domain Validation Certificate: This security measure guarantees the user that the content of a website actually originates from the described URL and not from a separate hidden address. DVs are the most basic certificate, providing the scheme “https.”
  • Organization Validation Certificate: With OVs, the credentials and data of the company linked to a web page are checked to ensure that it is legitimate. This certificate is the one most used by businesses.
  • Extended Validation Certificate: This is the most complete and comprehensive SSL certificate, covering physical audits and inspections of the company in addition to a review of its email communications and transactions. EVs are often essential for big corporations and brands.

 

 

Trust seals

A trust seal is a logo displayed on a web page as proof that it has been verified by a third party.

Seals are the stamp of security that online users want to see: a well-known seal immediately creates a sense of trust. SSL certificates are usually included in a less prominent area of the website and users do not tend to be as familiar with them.

That’s why it’s important to add trust seals on a website, even though practically speaking they do not guarantee more security than an SSL. Some seals serve to verify the security of ecommerce services or processes linked to an online store, such as checkout and the transfer of banking details.

→ If you’re going to design a checkout, which is more secure: PayPal or Stripe?

What criteria must an online security certificate meet?

A good certificate should meet at least two criteria, though these will depend on the type of activity your website is going to host.

Here are the most common requirements for a security certificate as stipulated by the Institute:

  • Protection of personal user data (necessary if you are going to collect a user’s email and data for a download or request payment and shipping address information).
  • Security of information stored by the company.
  • Confidentiality in communications.
  • Protection of specific groups (especially with regard to content that requires the protection of minors).
  • Extrajudicial dispute resolution (useful if there is a problem with a transaction that cannot be resolved between the company and the user).
  • Transparency of information on company activities.
  • Continuous review of security certificate criteria.

 

Comodo's security certificates services

 

How to install an SSL certificate on your ecommerce website

At this step in the game, you’ll need to be prudent and patient. Installing a certificate takes time and validations can slow down the process, especially if the issuing agency has to collect and check all your documentation. So don’t put off finding a certificate for your ecommerce business.

The process can be somewhat complex, depending on whether you install only a domain validation (which can be done by your own team) or add on more comprehensive certificates. Whatever option you choose will also influence the price you pay per year.

  • Free certificates: The only free SSL certificates on the market are offered by Let’s Encrypt, a Linux initiative supported by other companies such as Facebook and Google. These are domain certificates with a very simple activation process.
  • Paid certificates: Here you have more variety of options that offer a wider array of security measures. Prices are usually personalized and run between $200 and $1,000 per year, but there are very competitive brands such as Comodo, which offers packages ranging from basic at $5.99 for 5 years to premium at $69.78 for the same period of time.

As an alternative, some ecommerce platforms such as Shopify include an SSL certificate with your subscription. This lightens your expenses a bit and, more importantly, reduces the management time you spend choosing, signing up for, and installing a certificate.

 

Trust badge showed in an online shop

 

Trust badges that inspire the most confidence among buyers

According to Baymard, these were the 5 seals that inspired the most confidence among users when paying online in 2019:

  • Norton Secured: The most recognizable seal, chosen by 37.1% of users. Among its services, it also offers confidentiality in communications and continuous security monitoring.
  • Google Trusted Store: A close second in popularity at 22.7%, although Google no longer uses this concept and has integrated it into Customer Reviews.
  • McAfee Secure
  • BBB: Only applies in the United States, Canada, and Mexico.
  • TRUSTe

 

 

As highlighted by Baymard’s research, a user will immediately trust these seals even though they are not actually SSL seals, which provide more security online. Your website can have the best SSL security measures, but if buyers don’t see one of these seals, they might think it’s not secure at all.

This reveals a lack of knowledge among online users about what web page security measures are the most trustworthy and efficient and it’s why you should opt for both an SSL certificate and a trust seal, especially at checkout.

Other security certificate services are geared toward European and domestic companies, like Trusted Shops, a European certificate that meets all requirements except the protection of specific groups. These may be more appealing options for facilitating compliance with the regulations of your region (especially if you are not going to sell online internationally).

Check this out: how to earn buyer confidence and gain credibility

Final thoughts

In an online business, real security (SSL certificates) is just as important as user-perceived security (trust seals). For this reason, you must meet the requirements of both.

Signing up for an SSL security certificate is essential for every online store and company with a professional ecommerce strategy. Having one benefits both the company and the user by preventing disputes, problems, and grievances arising from the use of data — an increasingly sensitive issue on the Internet.

Other factors that will help inspire confidence in your online store are buyer reviews and a flawlessly streamlined web design and checkout. If you follow these recommendations, your website will be off to a great start and the time you invested initially will be rewarded with better traffic and customers who are more loyal to your brand.