Your customers should feel confident about the security of your website every time they pay online. As a merchant, it's your responsiblity to understand the fundamentals of online credit card payments and security. At the root of online security is SSL, or secure sockets layer.
Here's what you need to know about SSL and Online Credit Card Payments for merchant account security.
What is SSL protection?SSL provides privacy protection by encrypting the communication between your website and the consumer. It is basically a mathematical formula. SSL takes the the information you exchange on your website and turns it into a complex code. This makes it so that even if the data exchanged is intercepted by a hacker, the data would be extremely difficult to read.
When SSL is enabled on a website, it helps the consumer’s web browser scramble their personal information before it gets sent to you (the merchant) to complete the transaction. Once sent, SSL allows only your software to unscramble the data sent. With SSL, you can complete transactions with the assurance that others cannot access the personal information (i.e. credit card numbers) as it travels across the Internet, from the consumers computer to your website eCommerce software.
How to Tell if a Website has SSL
To find out if your online credit card payments are protected by SSL, look for the picture of the unbroken key or closed lock in your browser window. Either indicator confirms SSL is activated.
Another way to verify if SSL is protecting your online credit card payments is to check the URL of the website you are on. You should see it change from "http" to "https" when processing secure transactions.
How to Get SSL on Your Website
There are four basic steps involved in getting SSL on your website.
- Purchase SSL Certificate
- Generate a CSR (Certificate Signing Request)
- Enroll for a SSL server certificate
- Install the SSL server cerificate
It sounds pretty technical, but typically your website hosting provider guides you through this process as you setup your online storefront and merchant account credit card payments capability.
SSL is Just the Beginning of Your Security Requirements
SSL is only the beginning of your responsibility for protecting card holder data transacted through your website. PCI Compliance is an absolute must. According to the PCI Security Standards Council, more than 340 million computer records containing sensitive personal information have been involved in security breaches in the U.S. since 2005, and more than 80% of the attacks targeted small merchants. If you are at fault for a security breach involving card holder data, the fallout and penalties can be severe for your business. For more on PCI Compliance, read our recent blog article: 7 Reasons Why You Should Care About Protecting Card Holder Data
At Novera Payment Solutions we work hard to take to take the headache out of PCI Compliance for you. Give us a call ... not only will we save you money over your current credit card processing solution with our flat fee merchant account, but we will guide you through PCI Compliance maze and make it simple to get up and running!