Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
05-22-2007, 10:51 AM #1
- Join Date
- May 2007
- Thanked 0 Times in 0 Posts
How can I assure customers that our site is secure?
When a customer questions whether or not our site is secure, is there some certificate/statement that I could E-mail to assure them? Should I have a statement on our site? This happens about 2-3x per week and I used to think the padlock in the lower right-hand corner indicated a secure site--am I wrong?
What do other websites do when this issue arises? I always assure the customer that the site is secure--but they don't seem satisfied. Thanks in advance for any help in this regard.
I went to Siteworx to see if I could find something and I found a SSL certificate--is that it?
05-22-2007, 12:57 PM #2
- Join Date
- Jun 2002
- London, UK
- Thanked 110 Times in 109 Posts
I know that when you buy certs from (for eg) Verisign, they give you the option of generating some code to put on your pages that embeds an image from their servers. I suspect that most cert authorities offer a similar service.
Trouble is, the 'image on a webpage' approach is about as reliable an indicator of site security as client-side login scripts are a reliable method of controlling access. In fact, they're widely used in phishing attacks.
The padlock in the browser status or address bar is still, as far as I'm aware, the only reliable indication of a secure site. I'm sure that Verisign would have a page up somewhere that explains in simple terms what the padlock means in reassuring terms for the non-tech-savvy.
If you have a secure site, on a HTTPS url, that makes a closed padlock appear when you visit it, I'm not sure what else you could do to reassure visitors apart from pointing them at your certificate-issuing authority.
05-22-2007, 01:53 PM #3
- Join Date
- Mar 2006
- California, US
- Thanked 3 Times in 3 Posts
Here's what happens when they're a problem with the security certificate:
Here's what happens when the security certificate is in order:
An SSL certificate can be purchased for $20 a year or $200 a year (and higher), depending on the use and brand, etc. Most people are fine with an inexpensive certificate like RapidSSL.
I buy mine from Dynadot because that is also where I purchase domain names, but there are thousands of places to buy them.
Shared, reseller, semidedicated hosting and dedicated server plans.
DirectAdmin • Installatron • Money-Back Guarantee • 24/7 Support
Providing "Service Above All Else" since 2005.