What The Heck Is A Web Site Certificate And Why Should You Care?

If you ever make purchases online, you must know how to quickly determine if the web site you are about to buy from is secure.

A secure connection is an encrypted exchange of information between the web site you are visiting and the browser you are using. Encryption of data is simply a process of converting the information you type in (your name, address, and credit card number) into an unreadable format that only the receiving web site can decipher.

Encryption is done through a document the web site provides called a web site certificate. When you send information to the web site, it is encrypted at your computer and decrypted at the web site to prevent hackers from intervening and stealing your credit card information. So how do you know if a site has a certificate and a secure connection? There are two things to look for. Just note that these two checks only apply to the web page where you actually enter your credit card information, NOT the entire site itself.

Once you are on the actual order page, look for a tiny yellow padlock in the bottom right corner of your web browser. Depending on your browser version, the Security Status bar may be located on the top of the browser and to the right of the Address bar. The padlock should be closed (locked). Next, look at the actual URL. It should begin with “https” rather than the standard “http.” If you are on a web site and you see these two things, the site will have a certificate. You can view the certificate by double clicking the yellow padlock. Upon clicking, a certificate dialogue box will pop up that contains information about who the certificate is issued to, who it was issued by, and when it expires.

Another way you can view a site's certificate is through your browser's menu options. In Internet Explorer, go to File, Properties and then click on the Certificates button. The same dialogue box will then come up for you. In Firefox, go to Tools, Page Info and then click on the Security tab. You can then click on the View button to see that site's certificate.

If you ever get a warning that there is a problem with the web site’s certificate, it could be due to a number of problems such as the names on the certificates don’t match up with the web site or the certificate has expired. If this happens, you may want to call the company and place your order by phone rather than going through their web site. Finally, make sure you check out every company’s Privacy Policy. Even if they have a secure checkout process, they could give or sell your information to third party companies.