SSL (Secure Sockets Layer) is one of the standard security protocols used by millions for establishing an encrypted connection between a web browser and a web server while preventing cybercriminals from reading and modifying any transaction done between them such as the transmission of sensitive information like credit card while doing online shopping. It ensures that all the data passed between the web browser and web server remains private and secured

The main reason to use SSL is to encrypt and secure sensitive information sent over the Internet, so only the recipient who is intended can have access to it while making it unreadable to any third-party in-between. As any information sent over internet pass through various computers before reaching its destination server, ultimately making your sent information such as credit card details, login credentials vulnerable to attacks, if it’s not encrypted with an SSL certificate. Additionally, SSL is important because it provides:

• Authentication: Provides surety that the information is sent to the right server and not any fraudster who is trying to steal data.
• Trust: Visual trust indicators such as a green bar or a lock icon are displayed on the popular web browsers like Google Chrome or Mozilla Firefox, letting your website visitors know about your genuineness.
• PCI Compliance: Pass the audits and satisfies the requirement of the Payment Card Industry (PCI) standards, which are needed for any website which accepts credit card details.

• Whenever a user visits a secured website, an SSL/TLS Certificate installed on it offers identification information regarding its web server and creates an encrypted connection. Furthermore, all of this process is done within a second.

• Let’s see how does an SSL work?
• Web browser or server tries to connect with the server of a website secured with an SSL/TLS Certificate and make a request to a web server for identifying themselves.
• Copy of a web server’s SSL/TLS Certificate is sent to the browser or server.
• Once the browser/server receives it verifies whether to trust the SSL/TLS Certificate and then sends a message to the web server.
• The web server sends back an acknowledgment in a digitally signed format for starting an SSL encrypted session.
• Now, the access is granted to share encrypted data between the web server and the browser/server.

SSL/TLS Certificate installed on the website means it helps to secure the data transferred between the visitor and a website and vice-versa. Though one thing has to be noted that, it doesn’t mean the information on the server is secured, as once the sensitive data reaches the server it’s up to the admin on how to keep it safe for example, encryption of database.

In other words, HTTPS means HTTP is sent over an SSL encrypted connection which covers GET & POST with other HTTP actions while keeping it safe and unaltered as all the data is passed via an SSL tunnel to the client browser.