SSL Certificates
What is an SSL certificate?
An SSL certificate allows your computer to validate that you're communicating with the website server that you expect. In order words, it helps to prevent malicious third party interception and data theft.
Why do you need an SSL certificate?
To protect sensitive information exchange such as username / password login forms, personal information such as names and addresses entered during an order process, and of course eCommerce transaction security.
How does an SSL certificate work?
SSL certificates rely on a concept of trust by association. Every web browser such as Firefox, Chrome, Internet Explorer, Safari etc. has root certificates issued by major certificate authorities already pre-installed / pre-trusted. Those certificate authorities can then issue certificates with a cryptographic relationship to the pre-trusted ones already within web browsers - it's basically like your best friend introducing you to their friend; you would trust your best friend's endorsement.
SSL Certificate Types
Layershift partner with leading certificate authorities such as Comodo, GeoTrust and Symantec (formerly Verisign), to provide you with the best SSL certificates at discounted prices. Because the certificates are issued by leading brands, you benefit from excellent browser recognition (over 99%) ensuring that your certificate works in more web browsers without displaying nasty errors to discourage visitor interaction. Your certificate is validated and issued by the certificate authority directly, except you pay less than going direct, and we also install the certificate onto any managed Layershift server for you!
SSL Certificate Comparison
| Standard | Wildcard | Extended Validation | |
| Typical Issuance Time | Less than 1 hour | Less than 1 hour | 3 - 5 days |
| Validation Method | Email Domain Control A validation email is sent to a specific authorative email address on certificate domain name. |
Email Domain Control A validation email is sent to a specific authorative email address on certificate domain name. |
Human Verfied Against Official Records Company incorporation status, physical trading address, telephone number and authority of the applicant to request a certificate on behalf of the company are all independently human verified. |
| Assurance Level | Low | Low | High |
| Supported Encryption | 2048 bit signatures provide up to 256 bit encryption | 2048 bit signatures provide up to 256 bit encryption | 2048 bit signatures provide up to 256 bit encryption |
| Periods Available | 1 - 4 years | 1 - 4 years | 1 - 2 years |
| Site Seal |  Yes (optional) |
Yes (optional) |
Yes (optional) |
| Ideal For | When you need encryption but user trust is unimportant (i.e. if user already trusts you and just needs an encrypted connection with your server) | A low cost way to secure multiple subdomains at once. Covers an unlimited number of subdomains, so you can secure all *.domain.com for a single flat rate charge. | eCommerce sites - shown to decrease cart abandonment by over 30%. Increases website visitor trust by its rigorous validation process, indicated by a green address bar or similar high impact visual indicator in most modern web browsers. |
| Pricing / Order | Request Details | Request Details | Request Details |
Trust Logos
Use where you don't need the encryption technology of SSL, but still need to boost visitor confidence. Ideal if you don't collect sensitive data directly on your website (e.g. outsourced payment processing). Your business details are validated similar to the SSL certificate process, and the vendor (currently a choice of Symantec or GeoTrust) regularly scan your website for malware to ensure it remains free from malicious code injections. The logo assures visitors that your website is safe and trustworthy.
Contact us for pricing and to order →
PCI Compliance Scanning
The PCI Card Industry Data Security Standard (PCI DSS) includes 12 requirements for any business that stores, processes, or transmits credit or debit cardholder data. Compliance is mandated by the major international card scheme operators, and in turn your merchant bank. This service provides a compliance assessment solution including:
- On-demand vulnerability assessment scanning for PCI scan compliance
- Performed by Comodo; an independent PCI Approved Scanning Vendor (ASV)
- PCI Self Assessment Questionnaire (SAQ) compliance wizard