Site Map
Phone Now 01323 649779

Contact us now!

Phone 01323 649779, email us or fill out our online enquiry form.

Newsletter

Privacy | Unsubscribe

How do Security Certificates Work?

Security certificates are an essential tool if you want to capture personal information from your customers. They allow the information to be encrypted before it is sent to you ensuring that if anyone intercepts the information, it is useless to them. This article provides an overview of how security certificates work.

Traditional Encryption

Traditional encryption systems work by using a "key", such as a secret password or a series of random letters. The key and the information to be encrypted are fed into the "encryption algorithm" which converts the original information into a seemingly random series of letters and numbers, the "encrypted data".

In order to get the original information back, the key and the encrypted data are fed into the corresponding "decryption algorithm" which converts it back to the original.

Imagine that when you encrypt the information, you are putting it in a safe, and when you decrypt the information, you are taking it out again. Anyone with the key can both store and retrieve information from the safe.

Unfortunately, this is no good for the internet, because anyone with the key can get the information out. What we need is a way of allowing people to put stuff in the safe, but not take it out. What we need is......

Public/Private Key Encryption

Using public/private key encryption, our safe has two doors. The first door allows people to put stuff in the safe, while the second door allows people to take stuff out. The important thing to remember is that each of the doors has a different key.

Everyone is allowed a key to the first door, because we want everyone to be able to store information. This is called the public key.

Only one person is allowed a key to the second door - they are the only person allowed to retrieve the information. This is called the private key.

In this scenario, your customer's computer has a key to the first door, and the web server has a key to the second door.

Step by step

When you capture personal details using a security certificate, imagine the process like this:

1. The web server sends a special two-door safe to the customer's computer along with the public key to the first door.

2. The customer's computer uses the public key to open the first door of the safe and store some information e.g. credit card details.

3. The customer's computer shuts the safe and sends it back to the web server.

4. The web server uses the private key to open the second door of the safe and removes the information.