Do I Need SSL?

The short answer is yes. Web site encryption should be a required part of every eCommerce transaction for a wide variety of reasons, both technological and social. Let's take a look at several.

First, what is SSL?

SSL is an encryption system that encrypts all the information between your customer and your web server. This makes it much safer for people to send sensitive information (like credit card info) to your server.

How do I know if I have it or not?

When SSL is working properly you'll see a lock in your browser's address bar:

Why do I need it?

  1. As mentioned above, it encrypts all the information between your end user and your server. Having someone get their identity stolen while using your site isn't worth the headache.
  2. It's required by Credit Card companies. Check out this article from Sucuri for more information.
  3. People won't trust your site without it. People have been well trained to look for the lock in their browser, and won't buy without it, even if you manage to find a way to not need it technologically.

What if I use PayPal, and people don't pay on my site?

With the exception of PayPal Express, you do still need SSL. Full documentation regarding PayPal and SSL here.

Do I need SSL even while testing?