Do I need an SSL Cert?

I think any part of your website where your clients have to type in such info as their address, email, phone#, and of course credit card #'s, should always be encrypted via SSL connection (even if payments are processed using PayPal).

So, yes.. I think you should use SSL. :)
 
Anytime your prospects stay on your site to enter credit card information, you'll need an SSL certificate - and you'll need to be PCI compliant.
 
Last edited:
as your site is accepting Credit cards and other personal information of your clients than SSL certs are must for your site. SSL certs encrypts data between the server and browser and also increase confidence among your clients. And as said by eMediaSalesAbe, they are available at very cheap costs.
 
Hi!
I've found certs even cheaper than that. Globessl is but one example....there really is not excuse these days. They'll even give you a free 30 day trial cert to play around and learn with.

Bryon
 
I think ssl certificate is must to protect your clients transaction, you can go for 128/256-bit Encryption which would be cost effective solutions.
 
Absolutely. I wouldn't even put in my personal details or cc information until that was in place. I actually have refused flat out to pay for something before until they put a ssl cert in place. It took them 2 weeks but I wasn't about to take the chance.
 
I would suggest an SSL Certificate just for the simple reason that it makes your clients feel safe.

That being said, with your current setup; don't quote me on this, but I think that since your going though paypal which is a secured site and your customers are not giving you money directly then I don't think you are required to have an SSL Certificate.

In regards of what I have said above, I would highly suggest that you have one anyways.

Best Regards,
 
Everyone agrees that it is best practice to use SSL, though some still don't however part of secure connections and their use is informing and educating the user as such EV SSL certificates being a prime example.

Though most hosts won't outlay for an EV certificate (us included) I have noticed many don't make a clear distinction when changing between secure and non secure sections of their site (ourselves included at present) though some do show pci compliance and other trust images.

In essence having the certificate isn't enough, many users still don't understand what the padlock is nor do they understand why it's important or how it affects them, for others it's very important but a certificate alone doesn't instil trust which is one of the purposes of SSL certificates.

any thoughts?
 
Considering that many clients would abandon a transaction when there is no https in their browser, I believe investing in a SSL is a minimal cost for any serious online business.
 
I believe an SSL is very important, though not required. I personally won't enter any personal information without one, let alone transmit an transaction.

That being said, you would loose me as a Potential customers as well as a few others I read here.

In the end the choice is yours but I'd personally get one.
 
csn-uk said:
Everyone agrees that it is best practice to use SSL, though some still don't however part of secure connections and their use is informing and educating the user as such EV SSL certificates being a prime example.

Though most hosts won't outlay for an EV certificate (us included) I have noticed many don't make a clear distinction when changing between secure and non secure sections of their site (ourselves included at present) though some do show pci compliance and other trust images.

In essence having the certificate isn't enough, many users still don't understand what the padlock is nor do they understand why it's important or how it affects them, for others it's very important but a certificate alone doesn't instil trust which is one of the purposes of SSL certificates.

any thoughts?
Click to expand...

I'll have to agree with you on this 100%. Just because the website in question uses SSL does NOT mean you're doing business with a trustworthy company. EV certs are a great way to let your clients know you're a legitimate registered business. However, there are other ways of doing this without forking out all the money for EV certs, and it still does NOT mean you will be doing business with a trustworthy company, either.

SSL just means that any data sent from your end to the website is encrypted so that nobody can intercept and steal the data being transmitted, it does not mean the data was sent to a trustworthy source. ;) I've seen eBay and PayPal phishing websites designed to make you sign in with your account details in order to steal them, using SSL certs.
 
Oh yea i agree with everyone. You definitely need an SSL certificate if you are processing personal information. They are so cheap now days, i even saw one for $9. Actually this reminds me... I need to renew my SSL Cert.
 
Its not totally necessary at the beginning of a company, but you should definitely look into getting one asap. You can get a rapidssl or positivessl for around $15/year
 
Any part of your website that valuable information is either entered or displayed is recommend to have a SSL Certificate.
 
Ssl certificate is only needed if you process credit cards directly in your websites.

If youre only using paypal or other payment gateways you dont require ssl encryption in your website since those companies are in charge of making the process.

Moreover if your clients pay with credit card through paypal, youre not require to use ssl certificate because is paypal the one who is processing the card.
 
You must log in or register to reply here.

Supporters

Back
Top