Why getting just “any SSL” isn’t good enough for your business
Recently, we have heard the news and read about how we, as a nation, are not well-equipped to handle any cyber-attacks. We then start to think more seriously about what might be the right thing to do for our businesses, taking necessary steps so our customers are always protected. We do a quick search on Google, decide to get the cheapest (or even free) SSL certificate off the internet, install it into our server and then heave a sigh of relief because we assume that our job is done… or is it?
The reality is, not all SSLs are created the same, and given the numerous platforms now available in the market, whether via a desktop or mobile devices, it has become more important to ensure that your SSL certification works on all browsers, and not just most.
However, before we even begin to understand why browser compatibility is an important factor for consideration, we will first have to understand how SSL certification interacts with the web browser and its significance in affecting potential user experience.
How does SSL certification works with your web browser?
Web browsers generally work as gatekeepers before any connection is made between your web servers and the users. So, when a user (or potential customer) gets online and tries to access your website, the web browser (Chrome or Firefox, for example) asks for identification from your server which is secured by an SSL certificate and checks its identity. Once properly identified, and if the SSL certificate is from a trustworthy source, a connection is established and all transmitted data is now encrypted and exchanged between the server and web-browser. This allows the users to continue viewing the page or make their online purchases safely and securely.
On the other hand, if the browsers find that they are not able to receive the appropriate verification from the SSL certificate because it is incompatible or not trustworthy, the browsers stops the connection from being made, informing your potential customers that there is a problem with the website. By displaying an error symbol on the secure padlock located on the address bar, customers therefore are informed that the connection is not safe, and are dissuaded from proceeding to surf the page.
What happens when SSL certification isn’t compatible with all browsers?
If a business does not cater to the needs and requirement of a group of potential customers, they are unlikely return to buy anything from the company in the future – no matter how good the product may be. The same comparison can be made for e-Businesses that depend on online sales for their revenue. If the SSL certificate installed into your server does not cater to all browsers available out there in the market, customers may face time-outs or may not be able to connect with the website, causing end-user frustrations, a drop in visitors coming to your online store and thus result, inevitably, in a loss of sales.
Even worse, they may even experience browsers warning them that the website they are trying to access are not trustworthy. This will definitely put off potential customers from even trying to view the website, what more conduct any transactions online. The website, and hence the company, will be seen as unreliable, therefore adversely affecting customer trust and confidence, leading to a loss in potential sales and reduction in web traffic.
How does DigiCert overcome these issues?
In 2011, Google conducted rigorous tests on SSL FalseStart, but found that while FalseStart works “most of the time”, they needed something which worked “all the time”. Hence, if user experience is broken “for even a small fraction of users, the optimization is non-deployable”. DigiCert, on the other hand, overcomes such compatibility issues by working directly with the web browsers instead. This ensures that users get to experience 99.9% coverage over desktops and mobile devices such as laptops and cellphones.
“Exceed your customer’s expectations. If you do, they’ll come back over and over.” – Sam Walton (founder of Walmart)
About Sheha Sidek
Sheha is a writer with interests in cyber security and finance. At Cyber Secure Asia, she hopes to be the bridge between the “bits and bytes” language and the everyday readers.