2022-12-06
The padlock in the web browser is a security certificate
Websites without adequate security are easy prey for online criminals. They can read not only the posted content, but also the data that users provide to a bank site or an online store. If the site is not properly secured then all login credentials, including passwords, are vulnerable to disclosure. There is a short distance between having passwords and having your bank account hacked. That is why the security of websites is ensured by SSL certificates, and the symbol that shows that a site has one is a padlock in the browser window, visible in front of the web address.
With these padlocks, we can check whether the owner of a particular site has properly secured it and whether we can trust them. The lack of an SSL certificate also adversely affects a site’s search engine positioning. A visitor, upon entering such a site, will see a notice that it is unsecured, which will certainly discourage them from further browsing.
An SSL certificate (you may also encounter the name TLS) is a certificate used to encrypt a user’s connection to a website’s server. A person who would like to view and read the password that is typed into a login page at a bank, for example, cannot do so, because encryption makes it impossible. The certificate consists of a public part, which includes data such as the organization’s name and/or address, and an encrypted private part.
SSL certificates are issued after the site owner presents a number of documents proving the existence of the organization, the right to the domain and the authority of the person applying for the certificate to represent the company. Certificates vary in terms of the degree of verification.
How to check an SSL certificate?
To check if a website has an SSL certificate, just look at the address bar in your browser, if the website is secured with an SSL certificate you will see a padlock in the bar.
The padlock is the universal symbol for an SSL certificate, which indicates that the connection to the site is encrypted. You can also check the details of the SSL certificate – click on the padlock icon and select the certificate preview.
Where do SSL certificates come from?
SSL certificates are issued by certification centers, which must meet a series of strict requirements, both IT and physical, to issue certificates. To become such a center, companies undergo a series of checks by both auditing international programs and web browsers, who have the right to verify their work and decide whether to include trust in the certificates they issue.
What to look for when browsing the web? How to guard against scammers?
Nowadays, attention to Internet security has advanced so much that the browser itself will notify the user that the site does not have an SSL certificate. Unfortunately, scams happen here as well, and the certificate is not always a guarantee that the site is genuine. There are certification centers on the market that automatically issue SSL certificates for 3 months containing only the domain. So what can you do to guard against fraud:
- you can check the validity period of the certificate – the maximum validity period is 398 days,
- check what data is in the certificate – if there is more than just the domain it means that the certificate application has passed a broader verification,
- pay attention to the address bar, scammers often use characters similar to the real ones, e.g., domena.pl and a misleading version of domeną.pl or donnena.pl – at first glance it may be a subtle change,
- there are often spelling or language errors in the content of the page,
- check reviews of the online store before making a transaction,
- never provide your credit card’s cvv code or balance,
- never provide more data than is required to complete a transaction,
- if you find a phishing site or suspect fraud you can check the certificate and report the domain to the Certification Center that issued it – the certificate will be revoked within 24 hours of the report.
SSL certificates are a very important tool in the fight against online fraud, but as you know scammers are always trying to find alternatives, so be vigilant on the Internet. Start by checking the certificate, check the address bar and the content of the page, and if you are still not sure, abandon the transaction. You will protect your data and money.