What is an SSL Certificate?
In short, it provides security for your website by encrypting all data transmitted over the internet to and from your website.
SSL stands for Secure Sockets Layer or its new version called Transport Layer Security (TLS) is an encryption protocol that secures the communications between your visitors and your website. SSL/TLS protects your visitors sensitive data against fraud and identity theft by providing secure encryption and by validating your website.
Google rewards websites that have SSL Certificates with better ranking on their results. Sites without SSL Certificates are flagged “NOT secure”, preventing visitors from easily accessing your website. (source)
Not all Certificates are created equal
Level 0 – No SSL/TLS
All data transmitted to and from the website can be intercepted, this type of connection is not secure. Sites without SSL are labeled as “NOT SECURE”.
Level 1 – SSL/TLS (DV) – Domain Validation
Offers basic protection to your visitors and it is ideal for securing personal websites, blogs, and apps, this type of connection is secure. Requires no paperwork. There are free SSL certificate solutions but they require technical expertise and they expire every 90 days. Sites with DV Certificates will show a padlock symbol and will use https://
Level 2 – SSL/TLS (OV) – Organization Validation
Requires validation by providing business documents to the Certificate Authority, offers better protection and it is ideal for business websites that take sensitive customer information. An optional dynamic seal of trust is provided with validation. Sites with OV Certificate will show a green padlock symbol, dynamic CA seal somewhere on the page and will use https://.
Level 3 – SSL/TLS (EV) – Extended Validation
This is the most extensive validation offered to secure your website, it requires more paperwork and verification of all provided information, they might even send someone to check out your office building and take pictures. Sites with EV Certificate will show a green padlock symbol, green text displaying the legal business name on the address bar and a dynamic seal somewhere on the page as well as the use of https://
Is it necessary to get an SSL/TLS Certificate?
Google has been promoting security web standards for a few years but just recently they are making it mandatory for websites to have an SSL Certificate in order to not be flagged as “NOT SECURE” and scare visitors away.
Sites with SSL Certificates will get better search ranking and will benefit from a significant boost compared to sites without any security. This applies to regular sites and e-commerce sites alike.
Learn more about securing your site directly from Google (source).