The world of the web is ‘slowly’ seeing a change in the tides as far as website, and more specifically, browser security is concerned.
Generally, secure websites use encryption and authentication standards to protect the confidentiality of web transactions.
Currently, the most commonly used protocol for web security is TLS, or Transport Layer Security. This technology is still commonly referred to as SSL, or Secure Sockets Layer, a predecessor to TLS. In addition to providing security for HTTP (web hypertext) transactions, TLS works with other TCP/IP standards such as IMAP mail and LDAP directory access. For a security standard such as TLS/SSL to work, your browser and the web server must both be configured to use it.
When you connect to a website using TLS, your browser asks the server to authenticate itself, or confirm its identity. The authentication process uses cryptography to verify that a trusted independent third party, or certificate authority, such as Comodo, Thawte, or VeriSign, has registered and identified the server. TLS can also authenticate connecting users or their computers.
In addition, TLS encrypts the data that you send, and incorporates a mechanism for detecting any alteration in transit, so that eavesdropping on or tampering with web traffic is almost impossible. This is essential for safely transmitting highly confidential information such as credit card numbers.
Nearly all current browsers are set up by default to accept SSL certificates from most established certificate authorities, and to notify you when you are entering or leaving secure sites, including secure areas of comprehensive sites.
What does this mean to you and me – it means that if you have a website, and especially if you have site where either sell things, or require clients to login to it – you will want to start the process to learn how to move up the ladder as far as securing the information of the transaction or clients is concerned.