Why You Need SSL to Accept Payments and How to Setup SSL Certificate on HubSpot Website

What makes a great online store? It used to be that mobile optimization, great content, and responsiveness alone were enough.

Well, part of the process that you must accomplish when developing an online store is determining how to secure online experiences of your customers. If you’re new to online stores, you might get confused on SSL certificates as a primary component of the web security process. You may have tons of queries such as: what it is, how it works and more important, how to set it up on your HubSpot website.

In this article we break it down for you so that you understand what SSL is, why you need it on your website and how to set it up on your online store. Let’s get started.

What is SSL?

SSL is an acronym for Secure Sockets Layer. In some instances, it’s called the TSL (Transport Security Layer). SSL is simply a protocol that encrypts transactions between a client application (a browser) and the online store server. Simply put: SSL protects the sensitive information such as credit card details—by making them private and confidential—from being stolen by malicious users over the internet.

SSL uses an encryption algorithm that ensures that each message being exchanged on the web passes integrity test before being transmitted. If the integrity test fails—due to corruption or an unexpected alteration by malicious users—then such a transaction doesn’t proceed to successful conclusion.

For you to enhance the security of online transactions, you should obtain an SSL certificate that’s relevant for that domain. The certificate will apply the encryption algorithms for all the transactions that take place between customers and your online store.

SSL is visible to users in several ways in the website address bar:

  • A lock icon in the browser bar
  • The website address starting with https://

Why is SSL certificate vital for accepting payments?

As online mercantile, it’s your primary responsibility to ensure that the information being exchanged over your online store—which you collect from your customers—is protected at all costs. Here are reasons why you should protect your customer’s sensitive information such as credit card and personal information:

1. Confidential Transactions

The primary objective of any SSL is to transmit sensitive information with an encrypted connection. Your customers must be assured that their private data such as usernames, passwords and credit card numbers are not revealed to malicious attackers while they are making online payments.

2. Customer’s Trust

The majority of online shoppers are very choosy when it comes making online payments. Therefore, it’s your duty to convince them their privacy is guaranteed so that they trust your business and your products. An SSL enabled online store improves customer’s trust to your business.

How to set up an SSL certificate on a HubSpot website

You have 4 options here:

1. Buy SSL add-on from HubSpot

The pricing range is $100-$600 per month.

2. Install certificate on your server

If you host your website not on HubSpot, but for example WordPress on your own server, then you can buy a certificate from any major certificate authorities or get a free one from Let’s Encrypt. Then, you’d need to install it on your server, the installation process depends on your web server.

3. Flexible SSL from CloudFlare

To use this option you’ll need to move your domain to CloudFlare and activate Flexible SSL. It doesn’t involve buying and installing SSL certificate, but your visitors will still see the SSL icon and https:// in the address bar. Downside of this method is that it encrypts connection only between your site visitors and CloudFlare, but not from CloudFlare and your server.

4. DepositFix with encrypted subdomain

DepositFix is a shopping cart created especially for HubSpot. You can get a free subdomain on your domain (e.g. payment.yourdomain.com) for payment form. It’s still your domain, so buyers can be sure they pay to the right company plus you get fully 128-bit encrypted connection between browser and server.