[QUOTE]The main difference between SSL certificates is the level of identity verification:[/QUOTE]
And price justified by confusion marketing tactics! 
In the nearly 10 years of online selling, we have never had a customer tell us âYou have a cheap SSL Certificate, so we wonât buy any products from your siteâ LOL
[quote name=âStruckâ]In the nearly 10 years of online selling, we have never had a customer tell us âYou have a cheap SSL Certificate, so we wonât buy any products from your siteâ LOL[/quote]
Itâs not just about price. Itâs about trust that you are the owner of your ecommerce site and your company is legal.
Just google âlouboutinâ and visit any of listed shops there. They are all chinese and indian stores which sell fakes. Go to checout and look if they have any SSL cert. NO. Because they will never get one.
[quote name=âindy0077â]Itâs not just about price. Itâs about trust that you are the owner of your ecommerce site and your company is legal.
Just google âlouboutinâ and visit any of listed shops there. They are all chinese and indian stores which sell fakes. Go to checout and look if they have any SSL cert. NO. Because they will never get one.[/QUOTE]
You missed his point which is that few would notice if you have a âlow assuranceâ or âhigh assuranceâ certificate (which is kind of consistent with your explanation). Otherwise, we would all need EV certs to gain customerâs trust.
Bob
[quote name=âStruckâ]And price justified by confusion marketing tactics!
In the nearly 10 years of online selling, we have never had a customer tell us âYou have a cheap SSL Certificate, so we wonât buy any products from your siteâ LOL[/QUOTE]
Exactly my experience.
I always buy the cheapest single root certificate and never have any problems.
I just purchased an EV SSL for the business; itâs becoming more apparent that mature (35+) will only purchase when they see visual indicators on the website they are purchasing from.
Considering that the Blue/Green bar is becoming increasingly considered the âsecurityâ measure itâs straight forward and without doubt for them to purchase then and there.
[quote name=âJesseLeeStringerâ]I just purchased an EV SSL for the business; itâs becoming more apparent that mature (35+) will only purchase when they see visual indicators on the website they are purchasing from.
Considering that the Blue/Green bar is becoming increasingly considered the âsecurityâ measure itâs straight forward and without doubt for them to purchase then and there.[/QUOTE]
To make more money, they will soon announce bars in pink then black and ones with stripes. Marketing guys will confuse you as much as they can.
Have you ever heard about anyone being able to generate a fake SSL certificate with Veri or Geotrust name in it? Never. So, why the panic? All of my customers use SSL for ĂÂŁ10 for the last 4 years and are very happy.
[quote name=âindy0077â]There are 2 main categories of SSL certificates:
1) To encrypt communication between the browser of the visitor and the web server
2) Same as 1) + to verify the authenticity of the website you are on
The main difference between SSL certificates is the level of identity verification:
The main difference is the level of authentication done.
For example RapidSSL will only verify the domain name. So if you request an SSL certificate for say yourdomain.com, GeoTrust (provider of RapidSSL) will send an email to the WHOIS contact for yourdomain.com. Thus only the domain owner will receive it and be able to confirm he owns the domain name.
Then you can opt of a QuickSSL from GeoTrust which is more expensive, but still only verifies the domain name. The difference (apart from price) is that you receive a site seal. The purpose of the site seal is to increase trust between you and your visitors. The site seal is dynamic and will thus display your domain name in the site seal. The same level of verification is done as the RapidSSL which is considerably cheaper.
Moving up in the GeoTrust chain, we have the True BusinessID certificate. This takes validation a step further by validating your business. This may involve them calling the company number or sending a letter to the official company address. Once you receive the letter you will then confirm with GeoTrust that you have and provide any necessary information. You may have to provide identification information to them. This all depends on how thorough the company you are purchasing the certificate from decides to be.
This method further boosts consumer confidence. The encryption still remains the same (it may support higher encryption strength) but the validation process is the main thing that has changed. It will still function the same as their cheapest certificate, except that the level of authentication is more in depth. Your visitors can see that not only is the domain verified but your address is also correct and accurate.
Typically e-commerce sites with high volume will go for this option.
Extended Validation (EV) certificates
You may have noticed that on some sites you visit, your address bar turns green. That is because the company is utilising an extended validation certificate. This doesnât mean they are any more or less secure, but the validation & authentication process is even more thorough. Wikipedia explains the process pretty well:[/QUOTE]
Hello Indy 007-7 (Bond, Indy BondâŚehehehhe) 
[QUOTE]There are 2 main categories of SSL certificates:
- To encrypt communication between the browser of the visitor and the web server
- Same as 1) + to verify the authenticity of the website you are on[/QUOTE]
In my case, I think that just NUMBER 1 is sufficient.
Why: because people will know that we really exists because we have advertising a lot of places, so⌠âauthenticity of the websiteâ I think will not be very important for us.
Maybe if we were goingo to sale around the world or something like that. But in our area people can see who we are using WHOIS.
In this example I think it is very important to use a SSL certificate to:
[QUOTE]1) To encrypt communication between the browser of the visitor and the web server[/QUOTE]
So, I think I can use it in LOGIN FORM and PAYMENT PROCESS.
I think this could be used for 1 more thing:
- CLIENT LOGINS HIS ACCOUNT.
- HE SEND FOR YOUR SERVER SOME DOCS YOU NEED TO ALLOW A SALE.
These docs will be sent encrypted.
Some companies ask the client to send files that prove client is really that person. Some of them ask the client to send all data BY EMAIL what is very unsafe.
By the way⌠no answer about SSL certificate in CS-CART.
Is there any doc about it?
Tks!
CS-Cart uses SSL encryption on/in:
- checkout page
- administration panel
- authentication, profile and orders pages
All SSL settings are optional.
I have it also in Contact Us 
[quote name=âindy0077â]CS-Cart uses SSL encryption on/in:
- checkout page
- administration panel
- authentication, profile and orders pages
All SSL settings are optional.[/QUOTE]
[quote name=âindy0077â]CS-Cart uses SSL encryption on/in:
- checkout page
- administration panel
- authentication, profile and orders pages
All SSL settings are optional.[/QUOTE]
Yes,
But my doubt is: when I choose it in admin panel it will work direct, without need to adjust any other file or directory?
for example:
MYDOMAIN.COM/admin.php?dispatch=settings.manage
There you can adjust about ssl connection.
My doubt is: is just click there and it will start SSL (https) when a client you login or something else?
I thougth I would need to adjust others files to configure it.
If not, better.
Tks!
[quote name=âNomanâ]I have it also in Contact Us ;)[/QUOTE]
heheheheeh
Very good idea. All information your client want to ask you is a privilege data and nobody could get it.
I think I will do the same.
Could you explain how did you do it, Noman?
Tks!
In AdminâŚ
Content â Pages â Contact Us â Form Builder and select Form is secure (SSL).
You can do this for any form you use on your website.
[quote name=âNomanâ]In AdminâŚ
Content â Pages â Contact Us â Form Builder and select Form is secure (SSL).
You can do this for any form you use on your website.[/QUOTE]
Very nice.
Thanks!
[quote name=âdragondfâ]But my doubt is: when I choose it in admin panel it will work direct, without need to adjust any other file or directory?[/quote]
Very important is to choose the right domain for the SSL registration (with or without www) and then you have to make changes in your config.local.php file in the line:
[quote]
// Host and directory where software is installed on secure server
$config[âhttps_hostâ] = âyourdomain.comâ; (or www.yourdomain.com)
$config[âhttps_pathâ] = â/â;[/quote]
[quote name=âindy0077â]Very important is to choose the right domain for the SSL registration (with or without www) and then you have to make changes in your config.local.php file in the line:[/QUOTE]
Yes, it was about this that I were talking about.
Thanks!
[quote name=âNomanâ]To make more money, they will soon announce bars in pink then black and ones with stripes. Marketing guys will confuse you as much as they can.[/quote]
I looked beyond the marketing (I donât believe anything a sales person has to say) and after reviewing the data itâs apparent that customers are looking for valid company creditentials before they proceed to purchasing. Our own conversion rate is extremely above par however we are in a niche so there isnât no real way to gauge the sales increase.
If anything, itâll pay for itself if someone buys something because of it (vs godaddy)
[quote name=âNomanâ]To make more money, they will soon announce bars in pink then black and ones with stripes. Marketing guys will confuse you as much as they can.
[/QUOTE]
ahahahahaahhahhhahh
I havenât read it yet.
hahahaahah
Very funny.
[QUOTE]I looked beyond the marketing (I donât believe anything a sales person has to say) and after reviewing the data itâs apparent that customers are looking for valid company creditentials before they proceed to purchasing.[/QUOTE]
I think one company that started its works in last month you not haver creditentials neither if they have a ULTRA SUPER PINK BLUE GREEN ssl certificate. I think SSL CERTIFICATE is just ONE THING that a webstore need to have.
About ssl certificate, I believe is to costumers believe that their credict card data will not be get by any cracker during payment process.
But to pay 400$ just to have a SEAL of a BRAND?
So, I want a TOYOTA SSL certificate.
[quote name=âdragondfâ]
About ssl certificate, I believe is to costumers believe that their credict card data will not be get by any cracker during payment process.
But to pay 400$ just to have a SEAL of a BRAND?
So, I want a TOYOTA SSL certificate.
:)[/quote]
I paid a bit more than that furthermore Iâm not negating the responsibilities of the credit-card company, I just want to save myself the legal paperwork.
Not only that, but Iâm 100% certain that it will increase our conversion rate which I hope will lead to hiring someone else to do my job:rolleyes:
Anyway, This is Indyâs thread lets keep it as such
[quote name=âdragondfâ]But to pay 400$ just to have a SEAL of a BRAND?[/quote]
Thatâs relative, but if someone buy a SSL cert for $10 (except RapidSSL) which is self barnded by a hosting company only to save a few cents instead to buy a cert for $20 from a known SSL provider, thats really wrong.
[quote name=âJesseLeeStringerâ]I paid a bit more than that furthermore Iâm not negating the responsibilities of the credit-card company, I just want to save myself the legal paperwork.
Not only that, but Iâm 100% certain that it will increase our conversion rate which I hope will lead to hiring someone else to do my job:rolleyes:
Anyway, This is Indyâs thread lets keep it as such
[/QUOTE]
I liked this post. People (at least here) are being very participative.
Well, about CONVERSION RATE, I think this is not the UNIQUE thing a costumer will be worried about.
For example:
1st thing I try to find: PRICE. If your prices are not competitive, I will to another company website.
2nd: payment methods
3rd: is this company well known? Where is it locate? Is there something again it in others foruns or something like that?
4th: can I talk to someone in a phone number?
5th: is there anyone that I know that have made a buy from it?
6th: privacy policy
âŚ
âŚ
20th: is there a SSL certificate?
âŚ
30th: is this SSL CERTIFICATE from a very known company?
I have nothing against your idea and your ssl certificate.
But for me, this is just a SEAL, nothing more.
In my case, in Brazil, all these that you are talking about are NOT very well known here. So, I donât believe a costumer will not buy from you just because you are not using a VERY WELL KNOWN ssl certificate âimportated from USAâ.
Like I said before, here in Brazil we do not get the CREDIT CARD NUMBERS form a costumer. Only visa, master, etc⌠know about that credit cards, not the webstore.
I was shocked when a person from a bike store said me he had my credit card number. I said: âHOW?â
He said: âI am the bossâ.
The cracker do not want to know if your are or not the BOSS. He will get all value data from your computer and use it later.
[QUOTE]
Thatâs relative, but if someone buy a SSL cert for $10 (except RapidSSL) which is self barnded by a hosting company only to save a few cents instead to buy a cert for $20 from a known SSL provider, thats really wrong.[/QUOTE]
I think like you.