Have you noticed that some sites have a green URL bar with a lock that says “Secure”? Or even better, it has the company’s registered name on it? The URLs that follow also start with https:// instead of http://. This means that data sent to and from the websites are encrypted, so you can be ensured that any credit card information that you send through the website are safe.

Example of a site with a regular DV certificate

Example of a website with the “Green Bar” or EV Certificate

These websites have implemented an SSL Certificate. SSL certificates provide a layer of protection and are usually installed on pages that require users to enter in sensitive information, such as personal data or credit card information. I won’t go too in depth into the very technical details about how it works, but instead tell you if you need it and how you can get it.

What’s the difference with the above SSL certificates?

In the first example, Facebook is using a regular DV (Domain Validation) SSL certificate, which is cheaper. This puts a green lock on the website, and the word secure on it. In the second example, Vodien is using an EV (Extended validation) SSL Certificate. EV SSL Certificates require more paperwork to be done, as it places the name of the registered company on to the URL bar itself, further boosting the trustworthiness of the page. With so many spoofing and phishing sites going in, it becomes exceedingly difficult to differentiate a legitimate site from a scam one judging from its looks alone. With an EV, people can be sure that the company registered is a legitimate one.

Do I need an SSL certificate?

It depends. It is highly recommended to get an SSL certificate if you are:

  • Collecting credit card payment information directly on your website
  • Trasferring sensitive data/information in your website, through forms etc.
  • Trust and security is a MUST-HAVE in your business (IT solutions companies, maybe)

You could probably consider getting an SSL certificate, however it is not important, unless you:

  • Have an e-commerce website, but using an external online payment system such as Paypal where payment is redirected away from your website
  • Want to boost your SEO a little bit, as https sites will rank better than http ones
  • Are kiasu and would like extra protection anyway

You generally do not need an SSL certificate if you are not collecting any user information or payment and your website is purely informational.

Where do I get SSL and how much does it cost?

SSL Certificates’ cost ranges across various providers. One of the providers that we’ve used personally is RapidSSLOnline and NameCheap. Like clothing brands, there are also many different brands of SSL certificates offered by different companies – NameCheap and RapidSSL are one of the cheapest, but there’s also Symantec, GeoTrust and Thawte. Find one that suits your needs and budget.

Some places you can get your SSL certificates are:

Questions to ask yourself when picking the type of SSL Certificate you need:

  • Do you already have one? Shopify provides free SSL certificates to domains hosted with them! Check if your URL already says https://.
  • What is your budget?
  • Do you need it for a single domain or multiple domains? Is it cheaper to get multiple single-domains, or pay more for a multiple-domain certificate?
  • Do you want your registered company name to be on the address bar? Then check that “Green bar” is provided (or Extended Validation).
  • Do you need multiple subdirectories protected? (eg.  www.yourdomain.com + mail.yourdomain.com + blog.yourdomain.com) Then you need a cert that has “wildcard”.

I hope that you’ve found this quick guide to getting a secured domain useful. If you have any questions, feel free to comment and we’ll try to answer as best we can!

Leave a Reply