Guides, Articles and Frequently Asked Questions

  Index | General

Do I need an SSL certificate for my website ?

Most likely you've heard of 128-bit encryption or seen the green bar of an EV certificate in the address bar of your web browser and wonder what it stands for. Most people are very careful when shopping online and want to know that their data is safe. An SSL Certificate therefore offers you two important things:

  • Encryption of sensitive data such as credit card numbers and personal information.
  • A security feature that shows your customers that you are trustworthy.

Not all websites require an SSL certificate, but for some sites the use of encryption is a must. To find out if you need an SSL certificate for your site, ask yourself these questions:

  • Is my website an e-commerce site (e.g. an online store) that requires sensitive information from visitors?

Most e-commerce sites require an SSL certificate to encrypt the transfer of visitor data to the server. As an online merchant, it is your responsibility to ensure that the information collected from your customers is protected. If a thief gets access to the credit card information, it can be devastating for your customers as well as your business. Protect yourself and your customers from damage from misuse by third parties and use an SSL certificate.

  • Do I use a third-party payment processor?

If the online store directs your customers to a third-party site, such as Paypal, for payment processing, you don't need an SSL Certificate because your website has "no contact" with your customers' credit card information. Of course, this is only valid if your shop does not accept the data while the customer is still on your website. Paypal offers both variants for the handling of the payment. If the credit card information is still entered on your website, the use of an SSL certificate is mandatory.

  • Do I use a login form?

If you give visitors to your website the opportunity to register as users without encrypting the login page via SSL, an attacker could very easily read the user's access data in plain text and then misuse it. This enables the attacker not only to use the user's account, but also to open other doors to other accesses of this person, since many people unfortunately use the same password for different accounts. Be responsible with the data of your users, even if the contents on your website should be rather uncritical.

Was this article helpful?

We use cookies for the technical functionality of this website. With your consent, we also collect page views and other statistical data in anonymized form.

Accept all cookies Select individually
Cookie Settings
Read Privacy Statement