UPDATE — JULY 24, 2018: Today Google began rolling out Chrome 68. Now, Google's browser will display a "Not Secure" warning next to the website in the address bar if the site is not secured with HTTPS.
Trust. It's the difference between shopping at a well-lit store versus out of the trunk of someone's car. It's that sense of professionalism that makes you feel confident that your transaction will be handled discreetly and your private information will be protected. When it comes to turning casual browser into buyers — what marketers call conversion rate — trust is the difference between a click and a lost sale.
How does that trust translate online? It is easier than ever before to launch an eCommerce website and start selling in minutes. What are the signs customers look for before they click “Buy?”
3 steps to a better conversion rate
Security is on everyone’s mind. Put site visitor’s minds at ease with the green lock and HTTPS: prefix by getting an SSL certificate for your website.
Select your certificate.
Submit a Certificate Signing Request.
Download and install.
Before we walk you through how to get an SSL certificate for your website, let’s touch on what an SSL does and who needs one.
It’s a jungle out there
The most important trust indicators for web users today are the HTTPS: prefix and green lock that show in their web browser's navigation bar whenever they’re on a website protected by an SSL certificate. This tells them that any information they submit to that website will be encrypted so hackers and thieves can’t steal it.
In fact, more and more people are looking for these secure indicators before doing business with the site, let alone submitting private data like passwords, contact info or payment details.
SSL certificates have become so important that starting in July 2018, Google Chrome 68 will label any website without an SSL as 'Not Secure.'
According to Canada’s Internet Factbook, 44 percent of Canadians are unlikely to continue making purchases from any online business that suffers a cyberattack. Ensuring your online business never makes these sort of headlines is critical to your conversion rate. Once trust is broken, it’s hard to win it back.
How SSL encryption works
An SSL certificate creates a secure connection between a website’s server and a site visitor, encrypting all information as it flows between the two. Encryption is the process of scrambling data into an undecipherable format that can only be returned to a readable format with the proper decryption key.
Without an SSL, a nefarious third party can intercept the data submitted to your website. These type of data interceptions are referred to as “Man in the Middle” attacks and they can be used to compromise your website or steal data that is then sold on the darknet. According to the 2017 Hiscox Cyber Readiness Report, 68 percent of small businesses worldwide experienced a security threat in the last 12 months.
Who needs an SSL?
As more and more sites adopt HTTPS: and SSL, it will be obvious when a site does not have a trusted SSL. As mentioned before, any website that does not have a valid SSL certificate will soon be marked 'Not Secure' by Google Chrome.
Google has also begun demoting websites that are not secured with SSL, pushing them down in search rankings, which could reduce your incoming web traffic.
Even if your website doesn’t transmit or retain any user data, the implications of your visitors seeing the words 'Not Secure' associated with your site are not good.
Canadians are far more attuned to web security than ever before, and the rise of fake news websites has many people uneasy about associating themselves with anything questionable. An SSL certificate is essential to gain and retain your reputation and your reader’s trust.
Remember, an SSL certificate is not only for protecting financial data. Any personal information such as usernames, addresses and passwords should be secured to protect your business from legal or financial risk.
There are many different ways to protect your website, but an SSL certificate is a baseline level of security that users now expect when surfing the web (even if they don't know what it means).
So how do you get an SSL certificate?
SSLs are digital certificates, so they’re downloaded via the web after the applicant passes a review. Different SSL certificates require varying levels of verification — from simple authentication of domain ownership all the way to proof that the business associated with the domain name exists and where it’s located.
1. Select your certificate
Step one is to select your SSL from the various certificates available. Any of the SSLs listed below will help convert more visitors into happy customers by increasing trust.
All GoDaddy SSL certificates come with both a GoDaddy Security Seal and McAfee SECURE trustmark to display on your website. These visual trust indicators often reassure site visitors.
- Domain Validation (DV) SSL: Ideal for blogs and personal websites, this SSL verifies your ownership of the domain name.
- Organization Validation (OV) SSL: Good for informational websites such as those owned by schools or nonprofit organizations, this certificate verifies domain ownership and existence of the organization.
- Extended Validation (EV) SSL: Because this SSL entails the most rigorous vetting process of the three, they’re perfect for eCommerce, banking and medical sites. Shoppers who see the green address, business name and country code in the browser bar that’s triggered by this certificate instantly know they're safe.
Have more than one website or subdomains you want to protect with one SSL certificate? Select your category above, then combine it with one of these:
- Multiple Domains SSL: For companies that manage multiple domains and websites.
- Wildcard SSL: Best for sites that use subdomains, like shop.website.com or blog.website.com (not available as an Extended Validation (EV) SSL).
You’ll need to wait for your certificate request to be approved before proceeding, which can take anywhere from five minutes for a DV SSL to three to five days for an OV SSL certificate. EV certificates require an extensive vetting process and a more in-depth application that takes more time (and an actual human) to process and validate.
2. Submit a Certificate Signing Request
With GoDaddy, the next step is to generate a certificate signing request (CSR). In the CSR, you will identify which server will use your certificate, as well as the domain names you'll use for the SSL certificate. How you generate a CSR depends on the type of certificate you're requesting and your operating system/control panel.
3. Download and install
Once we’ve approved your SSL application, you’ll need to download your certificate files and then install them on your server. The details of how to install your SSL will vary depending on whether you are a GoDaddy customer and your server configuration. Look here for complete installation instructions.
Once your SSL is installed on your website, all exchanges with visitors will be secured by virtually unbreakable SHA2 & 2048-bit encryption. Deploy SSL on all pages and subdomains for maximum protection.
Improve your conversion rate in 3 simple steps
Canadians are shopping online in increasing numbers, which means that having a secure website and a trusted brand is more important than ever.
An SSL certificate is not just a technical requirement, it is a business requirement. It lets your customers know they can do business with you online without fear.
If you’d like to see your conversion rate increase, don't give your customers a reason to pause before clicking "Buy." A trusted SSL certificate is a safe, simple way to tell them you’re open for business and worthy of their trust.