Why The Best Financial Websites Are Moving To SSL

What a security notice / page looks like on some of the best financial websites

25 Oct Why The Best Financial Websites Are Moving To SSL

The internet is a fascinating thing.

The best financial websites use it to extend the reach of their brand, and generate qualified, inbound leads. At the same time, they face multiple threats from malware, hackers and viruses.

It’s in the interest of every financial firm, therefore, to make their website as secure as possible for their users. Fortunately, there is one great way to do this – moving your website to SSL.

Have you ever noticed that some websites have “https” at the beginning of their URL? This is different from the “http” you will have seen dominating the web a few years ago.

What is this “extra s” in the “https”, and what does it do?

In simple terms, the “s” signifies that your connection to the website is secure and encrypted. That’s why the best financial websites are moving over to “https” – or SSL.

 

What Is SSL?

SSL (or “Secure Sockets Layer”) is the technology that powers https. It works to keep private the data which is sent between your web browser and the financial website in question.

For instance, let’s say you want to log into your account on the Vanguard website. You go to the login area, fill in your details and hit the submit button.

If Vanguard did not use https (which uses SSL), then the information you just entered and transmitted to the website could possibly be intercepted by hackers. They could then use that information to access your financial information and investments. Not good.

This form of attack is often called a “man-in-the-middle” interception. It can happen through a range of methods, but there’s a very common approach that goes like this:

The hacker places a tiny, hidden listening programme on the server (which hosts the website you are visiting). When you start typing information into the website, the listening programme “wakes up” and collects the data you’re entering – broadcasting it back to the hacker.

With SSL, however, the best financial websites guard against this by encrypting the connection between your web browser, and their website content.

Your browser and the website will perform a kind of “secret handshake,” binding the two together so that the connection is secure. You as the user do not have to do anything particularly fancy, or special. The connection happens the moment you visit the https website.

 

Are The Best Financial Websites Seeing An SEO Benefit?

Man using credit card on financial websites

Yes.

Not only are many technophobes convinced that SSL-empowered websites are usually faster than non-secure websites, but there’s a clear SEO benefit for https-empowered financial websites.

According to Google, an SSL certificate on your website is now taken into consideration as an important ranking signal. If two websites are essentially equal in all respects of their SEO profile – except one is SSL enabled, and the other is not – then the former will be ranked higher than the latter.

 

How Do I Know SSL Is On My Financial Website?

There’s a great tool by Hubspot that can tell you. So check that out.

However, you can usually tell by checking the URL in your web browser:

#1 The URL Prefix

Check the beginning of your website URL. If you have SSL on your website, it will usually start with “https://”. If it does not, then it will usually say “http://”.

#2 Padlock Icon

The padlock looks a bit like this:

vanguard investor

#3 Check The Certificate

There’s a chance that your SSL certificate might have expired, even if you have the “https” prefix on the URL and the padlock icon.

In Chrome, you can check the certificate by navigating to View and then Developer Tools. Go to the security tab, and you can check the validity of the SSL certificate for the website.

 

How To Get SSL Onto Your Financial Website

Stage one of this process is to determine the type of certificate you require.

The best financial websites vary in how their website is set up, and you will certainly need to take your site architecture into account when moving over to SSL.

For example, if your website is hosted on multiple platforms (e.g. different domains/subdomains) then you may require different SSL certificates.

A standard SSL certificate will cover the needs of most financial firms and advisers. It is possible to get a free one, or you can get hold of a custom one.

Let’s look at some options for your financial website for SSL, then.

On the free SSL side, there are services like Let’s Encrypt which you can use. We’d really recommend using a knowledgeable developer if you’re going to go down this road. Someone who knows about the DNS and technical setup of your financial website.

There’s also a 90-day expiry date on these certificates at the time of writing, so you will need to keep on top of renewing them to keep them updated.

Let’s now consider the purchased route. Some domain providers will give you the option to buy SSL certificates from them, often starting from $50 per month for a single domain.

Whichever route you go down for a paid SSL certificate, make sure you check the validaty details. Many will be valid for one or two years, and then you will need to renew them.