Secure Pages

Many Clients expect interactive pages, particularly those that require financial or personal information, to use Secure Socket Layers technology. Web visitors know that a page is secure by seeing the "https" prefix in the web address (URL), and by seeing a "padlock" symbol, green bar, or green web address in the browser bar.

https ssl padlock image

Sites that fail to implement this technology properly will often display a slash through the padlock, the Internet Explorer warning "Only Secure Content is Displayed," or similar symbols or language to inform the visitor that the page is not fully secure.

The primary goal of many websites is to create a credit card purchase or payment, or to encourage web visitors to provide personal data (ex: Join a frequent user program, complete a survey, etc.). Don't discourage site visitors from these actions with insecure or defectively secure pages!

Secure Page Image

For a page to be fully secure, all page elements must be secure. Tracking down and fixing each insecure element can take some time, but it's worth the effort.

This page is secure - look in the browser bar, if visible, to see your browser's acknowledgement of the properly implemented SSL technology.

Green ssl padlock image

Extended Validation can provide an even greater level of security: This involves an "off-line" review of the organization (calling phone numbers, requesting financial and/or legal documents) that ensures the web address doesn't belong to a "spammer." It's considerably more time consuming and expensive, but is generally worth the time and expense for large organizations, or those with an unusual need to create trust (organizations that routinely accept large amounts of money, etc.).

As of this writing (late 2012), there's a movement, supported by Google, to move all web communications to https/SSL. Historically, SSL has been considered slower, so most sites only use https on sensitive pages (payment pages, etc.). However, improving technology is reducing the time differential, and some sites currently use SSL technology exclusively on all pages. This may the the future of a more secure web.