Global SSL Market Share and the Top 3 Certificate Authorities 1

Global SSL Market Share and the Top 3 Certificate Authorities

The different SSL certificate brands and their global market share

There are many SSL certificate brands on the market and all of them play an equally important role of protecting website users. SSL certificate encrypts the data communication between an Internet browser and a server, which ensures the safety of users when they submit private and confidential data to the server. The encryption protects the data and only the intended recipient is able to decrypt it to obtain the original data. Any attempts to hijack the data in transfer will be useless because the hijacker will not be able to decrypt it to obtain the original data submitted by the user. For more info about what is an SSL certificate and how it works, read more about it here!

As mentioned above, there are many SSL certificate brands on the market, and the 3 of the most famous SSL certificate brands are DigiCert, Sectigo and GlobalSign. As of the time of writing, their respective market share is shown below:

DigiCert – 19.7%

Sectigo – 16.9%

GlobalSign – 2.8%


Combined together, these three brands of SSL certificate account for nearly 40% of the SSL market share of the world. It is an amazing achievement, whereby these certificate authorities (CAs) work collectively to make the Internet browsing experience much safer for all Internet users out there! The brands are the CAs and they play an extremely important and critical role in this Internet era, where more devices are connected than ever and safety has become highly significant to communicate data between the devices.


Global SSL Market Share and the Top 3 Certificate Authorities 2

What is a Certificate Authority (CA)?

A certificate authority is a trusted third-party company or organisation which provides verification service to validate websites or entities (email addresses, companies, or individual persons). It is also commonly known as a certification authority, which authenticates that a certain website or entity is indeed who they claim to be. The aim of doing so is to make the Internet more secured, in order to protect both organisations and users alike.

Without the existence of CAs, you will definitely be unable to shop online, make payments online, perform banking online or do any forms of transactions online. The Internet would be insecure, and you will be reluctant to simply submit your confidential data online. However, with CAs and SSL certificates in the picture, then the situation will be a whole lot different! How so? Let’s use a simple example to give you an idea of why the existence of CAs are important!

Let’s say you are visiting your bank’s website, Citibank. If you are aware, the Internet is a dangerous place and things are not always as they seem. There is always the possibility of someone imitating Citibank’s website. Anyone can create a website that looks just like Citibank’s website. So, if there are 10 such identical websites and each website claims to be the official Citibank. So, how would the user know which one is the authentic one?

In such a situation, the role of CAs comes into the picture. It is their job to verify the websites/organisations and provide assurance to all Internet users about the authentic identity of a website to help them stay safe online. The process is done with the help of implementing SSL certificate on a website! When users see the presence of SSL certificate on a website, they feel more assured to perform transactions without worries. After all, you would not want to submit your banking account details on the Internet to parties other than the intended bank’s server, right?

How do Certificate Authorities use SSL certificate to validate a website?

Here’s a screenshot of how SSL certificate can help users to identify the authenticity of a website:

Global SSL Market Share and the Top 3 Certificate Authorities 3

Click the part highlighted in red box and it will open a box with detailed information on the SSL certificate of the website you are currently visiting.

Global SSL Market Share and the Top 3 Certificate Authorities 4

From the information, users can determine that the website, has been verified by DigiCert. Users will feel safe to perform transactions safely on this website. In other words, DigiCert has verified, so users can be 100% confident that they are connected to the official WebNIC site.

Certificate Authorities act like a passport authority on the Internet

When CAs issue an SSL certificate to a website, it is similar to your government issuing you a passport. The department in charge of issuing the passport requests that you go through a passport application process, whereby they verify you by your legal papers, photos and fingerprints. Finally, they release the passport to you, in which you use it anywhere in the world to prove your identity.

CAs are literally doing the same thing, but for websites and digital activities and footprints. They have in place a vigorous verification process, in which it depends on the SSL certificate type requested by the applicant and they charge a fee for it. Once verification is done, the CAs issue a digital certificate to the applicant (a passport for a website), and the applicant installs it on his/her website server to display to users. When users see the SSL certificate, the assurance will be similar to the assurance of when a country’s immigration officer sees your passport. Digital certificates prove that you are the authentic one!

The different types of digital certificates a Certificate Authority issues

1. SSL/TLS Certificates
SSL/TLS certificates are used to facilitate and secure the data communication between a browser and a website’s server. Once they are installed and working properly, it displays a lock on the left side of a website’s URL which indicates communication is encrypted and secured.

Global SSL Market Share and the Top 3 Certificate Authorities 5

2. Code Signing Certificates
Code signing certificates are mainly used by software developers and programmers to secure their programming code. These certificates ensure that the source code developed by them is authentic and it has not been modified by anyone. It protects users by authenticating the integrity of the code before they run a program or software, which might be malicious code.

Global SSL Market Share and the Top 3 Certificate Authorities 6

With code signing certificate

Global SSL Market Share and the Top 3 Certificate Authorities 7

Without code signing certificate


3. Email Signing Certificates
Email signing certificates are used to identify and verify individuals for web servers. They are also known as S/MIME certificates. When you sign your emails with this certificate, it assures the receiver that this email is genuine and that it is truly sent by you. Signed emails have a red ribbon and you can click it to view the details of the signer.

Global SSL Market Share and the Top 3 Certificate Authorities 8


4. Document Signing Certificates
Document signing certificates are mainly used to verify and authenticate the document creator. It is also great for validating the integrity of the document itself. It reassures document recipients that a document is as intended by the document creator by using a tamper-evident seal. If the seal is broken, the recipient will receive a warning about the integrity of the document.

Global SSL Market Share and the Top 3 Certificate Authorities 9


Some of the most famous Certificate Authorities

Global SSL Market Share and the Top 3 Certificate Authorities 10
Global SSL Market Share and the Top 3 Certificate Authorities 11
Global SSL Market Share and the Top 3 Certificate Authorities 12

In conclusion, the global SSL market is still growing at a healthy pace, and all of the top 3 CAs – DigiCert, Sectigo and GlobalSign are all constantly innovating and improving their products and services. They are all top providers of digital certificates to ensure the safety of all organisations and Internet users alike. Thanks to their contribution, the Internet is a much safer and more secured place to perform transactions online, bringing huge convenience to our daily lives. They issue millions of digital certificates yearly, whereby these certificates protect private and confidential information, encrypt billions of transactions and enable secure communication for a higher safety level.

The good news is, WebNIC is a verified partner of all these top 3 CAs. We have partnered with them to offer a wide range of digital certificates to help our partners optimise their web service business. We offer a wide range of SSL/TLS certificates, document signing certificates and code signing certificate. Click the links below to learn more about each certificate:

DigiCert –

Sectigo –

GlobalSign –

Document Signing –

Code Signing –

About WebNIC

WebNIC is an accredited registrar by ICANN, and various countries including Asia, Europe, America, Australasia, and Africa. With offices in Singapore, Kuala Lumpur, Beijing, Taipei and Jakarta, we serve 5,000+ active resellers in over 70 countries. To join us and become a reseller, live chat with us or email us at [email protected]

What Is Digital Brand Protection and Why Is It Important? 13

What Is Digital Brand Protection and Why Is It Important?

What is digital brand protection?

Digital brand protection is the action of taking continual and proactive measures in monitoring and protecting a brand’s digital identity. The aim of such a process is to ensure that its reputation is not taken advantage of by ill-intentioned people in the digital landscape.

With the advancement of the Internet globally, many brands must now build a strong online presence to connect with their customers. Customers’ attention is now largely focused online and brands need to adapt and change their ways of doing business accordingly. There is a huge change in consumer behaviour, and any brands who fall behind will likely see their businesses affected.

Nowadays, various digital channels – websites, email, search engines, social media and mobile are all crucial for brands to engage with their customers. These channels are great for growing their business, increasing awareness and reach, increasing touchpoints with customers online, as well as building a strong digital presence. With all these coming in the picture, it is certain that new external threats to brands that cannot be ignored will arise, and owners need to make sure to take care of their digital brand identity.

Therefore, digital brand protection is essentially implementing brand protection steps for all digital activities performed. The reality is that digital activities will inevitably increase usage of multiple digital channels and as a result they bring increased external risks to a brand, including both good and bad exposures. Hence, it is advisable for every brand to make sure that internally they have someone who is responsible for constantly performing digital brand protection operations. Brands have to react with high efficiency and equip themselves with skills to navigate the digital landscape and stay ahead of bad actors, especially those in the e-commerce space.


What Is Digital Brand Protection and Why Is It Important? 14

The importance of digital brand protection

1. Safeguard your brand name and reputation from frauds and impersonation
Brand name and reputation takes years and efforts to build, and they must be protected from online bad actors. As the legendary investor Warren Buffett stated, it takes 20 years to build a reputation and five minutes to ruin it. Your brand’s reputation works the same way as well.

Therefore, it is crucial that you perform due diligence in digital brand protection to safeguard your brand name and reputation. With a solid digital brand protection strategy in place, you can prevent online bad actors from using your brand name and reputation in fraudulent activities, or even impersonating your brand to scam users.

2. Prevent loss of customer trust and financial loss
As a continuation of the impact above, loss of brand reputation will then cause the loss of customer trust and eventually financial loss as well. Bad actors use your brand to steal from your customers and deceit them, causing a ripple effect whereby customers will be more alert in dealing with your brand, or even altogether stop doing business with you. Not to mention, business that is supposedly yours have been diverted away from you by impersonating your brand, causing a loss of revenue due to online counterfeiting and piracy.

Therefore, digital brand protection is an extremely important remediation plan that must be set in place for your brand to prevent all these losses.

3. Protect a brand’s intellectual property and online presence efforts
Bad actors are constantly taking advantage of brands by impersonating them in their digital activities. No industry is safe from this, including your brand. It is a serious issue because many bad actors now even go to the extent of making fully functional websites, as well as using authentic-looking emails to imitate brands with unbelievable accuracy. They hijack brands of their content and imagery, intellectual property, and use very similar URLs to steal website traffic from the brands, undermining all their efforts in building an online presence.

Therefore, brands are advisable to engage in digital brand protection activities, as well as to put in place strategies to handle situations such as those aforementioned, should they arise. You need a solid contingency plan to follow through if any external threats regarding your brand happen unfortunately.


What Is Digital Brand Protection and Why Is It Important? 15

The threats a brand faces digitally

Any brands which are not taking proactive measures in digital brand protection risk facing various types of threats by online bad actors. Here we outline some common threats:

1. Brand impersonation
We mentioned this previously, and now we outline here what kinds of impersonation might occur in your brand’s digital activities. To have an online presence means your brand has its own domain, website, email and various social media accounts. All of these are opportunities for bad actors to impersonate your brand to defraud or hijack.

The most common form of impersonating a brand is to use a spoof domain, whereby a bad actor uses a domain to look like your brand. It can be as simple as using similar typo which involves using your brand name or the more advance method of hosting content that mimics your brand’s content, as shown in the pictures below.

What Is Digital Brand Protection and Why Is It Important? 16

Image source:


According to also, some common domain spoof tactics include:

  • Extra added or left out letters in the domain, such as Yahooo[.]com, mozila[.]com
  • Dashes in the domain name, such as Domain-tools[.]com
  • The letters ‘rn’ disguised as an ‘m’, such as versus
  • Reversed letters, such as Domiantools[.]com
  • Plural or singular forms of the domain, such as Domaintool[.]com


What Is Digital Brand Protection and Why Is It Important? 17
Phishing website impersonating the PayPal brand


The aim of doing so is to trick users into believing that they are visiting a legitimate website to share their confidential information. We call these phishing websites, and any brand that has an online presence faces the domain impersonation threat.

Other notable impersonation methods that bad actors can also use include social media impersonation, CEO or key personnel impersonation, as well as mobile application impersonation.

2. Brand abuse

Bad actors can also abuse a brand’s name and reputation online through various methods, which are unauthorised by the brand owner or unknown to him/her. Some possibilities that bad actors can exploit through brand abuse include:

Unauthorised sales channel and grey market abuse

Bad actors take advantage of your brand’s reputation to sell your brand’s goods and services through sales channel unauthorised by you since the beginning. Or they exploit the difference in prices for the different markets of your brand, in terms of minimum retail price (MRP) violations.

Counterfeit goods and services

Piracy is rampant online, and your brand risks being used without permission in the trading of fake goods and services, which will harm your brand’s reputation and credibility. Bad actors abuse your brand’s copyright, trademark and intellectual property. For example, they use your brand logo, content and identity to deceive users.

Domain and cybersquatting

Your brand also faces the threat of domain abuse and cybersquatting online, whereby bad actors register your brand using any of the various top-level domains. They use the domains for cybersquatting and demand a payment from you, or they threaten to impersonate your brand to perform phishing attacks as mentioned above.

Malware distribution, PPC advertisement hijacking and crypto-jacking

Bad actors also take advantage of your brand as a cover up for their illegal actions of distributing malware, ransomware, trojans, virus or doing crypto-jacking. They do so by taking control of your website, or making a highly similar website as yours. Then, they install executable files and scripts on your brand’s website or the fake website to infect all visitors who search for your brand.

In summary, these threats can happen to anyone and any brand at any time. If your brand does not have a proper digital brand protection in place, the implications are severe and it will lead to tarnished brand reputation, loss of customers’ trust and their business, and eventually financial loss. The headaches of solving digital brand threats are very daunting and costly. Do make sure to perform digital brand protection actions beforehand, and make sure that all these do not happen to your brand(s).


What Is Digital Brand Protection and Why Is It Important? 18

Who needs digital brand protection?

The answer is definitely ANY company that has an online presence. Digital brand is part of the core assets of a brand now, as long as you conduct any forms of digital activities for your business. Make sure to start taking actions for your digital brand protection. Here are some steps you can start thinking about:

  • Proactive global domain registration service
  • Phishing, brand abuse protection & take down service
  • Protection from “domain hijacking” lock
  • Domain portfolio management
  • SSL portfolio management
  • Online digital reputation management
  • Domain brokerage & escrow service
  • Domain audit
  • Personal data WHOIS protection

Digital brand protection is of utmost importance now in this digital era. Not only does brand protection matter a lot in the real world, but it also matters a lot in the digital landscape. Do not allow your brand reputation to be exploited by ill-intentioned players! It takes years to grow your reputation, so why let bad players destroy it? The good news is, we also offer digital brand protection service. Protect your brand’s online reputation by letting us do all the heavy lifting for you. Contact us to learn more.

About WebNIC

WebNIC is an accredited registrar by ICANN and various countries including Asia, Europe, America, Australasia, and Africa. With offices in Singapore, Kuala Lumpur, Beijing, Taipei and Jakarta, we serve 5,000+ active resellers in over 70 countries. To join us and become a reseller, live chat with us or email us at [email protected]

Understand What is a Digital Signature and Its Benefits 19

Understand What is a Digital Signature and Its Benefits

What is a digital signature?

A digital signature is a specific kind of electronic signature (or e-signature) to digitally sign and secure electronically transmitted documents. It is widely recognised as the most secure type of electronic signature, among the many different types out there. All digital signatures operate in a standard and an internationally accepted format, called the public key infrastructure (PKI) protocol. Therefore, it is regarded as the most secure type of electronic signature, and it is legally binding in many countries.

Digital signatures are identical to physical signatures in that they are unique to every person. They support “non-repudiation”, time-sensitive transactions, audit trails and regulation requirements. They identify the identity of the signer, provide a timestamp of when the documents are signed and support an audit trail if needed. They also provide a tamper-evident seal to secure and proof the authenticity of a document, ensuring it has not been altered since the time of signing. This is extremely important for working with documents online securely.

How does a digital signature work?

As mentioned above, digital signature works by using a specific protocol, PKI. It is regarded as the golden standard when it comes to validating and authenticating digital identity through encryption. Under the PKI protocol, a mathematical algorithm that can only be done by a computer generates two long numbers (known as keys), which act as a pair of related keys, a public key and a private key. Both the keys act together to encrypt and decrypt a message, through an encryption mechanism known as the public key cryptography. They work together to generate a digital signature for the document signer, which is equivalent to his/her digital identity.

Here is an example of the whole working process of a digital signature:

  1. Mary selects a file to digitally sign it to send it to her colleague, James.
  2. A hash value of the file’s contents is generated by Mary’s computer.
  3. This hash value is encrypted with Mary’s private key to create a digital signature.
  4. The file with the digital signature is sent to James.
  5. James receives the message, and his computer program identifies the file has a digital signature. When he opens the file, his computer will proceed to decrypt the digital signature using Mary’s public key, then calculate the hash of the original message and compare the hash it receives to the decrypted hash received with Mary’s message.
  6. Any difference in the hash values means there has been a tampering of the file.
How does a digital signature work

The whole working process of a digital signature

What are the benefits of using a digital signature?

A digital signature brings many benefits in the process of document handling, and it works better than traditional signatures. Here are some of the benefits of using a digital signature to sign electronic documents.

  1. Highly trusted and compliant to proven consent of the signer.

When the signer digital signs an electronic document, he/she needs to supply specific credentials to perform the action. The credentials are unique for each individual. By digital signing a document, it is a strong indication equivalent to the signer giving consent for his/her signature, and it also confirms his/her identity, because no one else has his/her specific credentials. Hence, a digital signature is highly trusted and compliant with laws, which also acts as a written evidence to confirm one’s identity.

2. High security and protection

A digital signature provides an audit trail that is retraceable to validate changes to an electronic document. It is cryptographically bound to the said document and the audit trail acts as a tamper-seal to ensure no alterations are made after a document is digitally signed. An approach like this ensures that when the receiver opens the document, the contents in it are exactly the same as intended by the sender. Any detected differences will alert the receiver about the authenticity of the document, providing protection to the document and the recipients.

3. Convenience in terms of time-saving and cost effectiveness

Digital signature is done fully online without the need to have physical copies of documents. It saves time in managing documents and obtaining physical signatures from multiple parties, especially when there is a large number of documents. Instead of preparing them physically through printing, in-person appointments, scanning, dispatching and running around, send a digital copy to all and save time! It is also cost-effective, which reduces paperwork cost, travelling cost, or even costly mistakes due to human errors while handling them physically.

Understand What is a Digital Signature and Its Benefits 20

Use cases for digital signature

Nowadays, many businesses and their online documents make use of digital signatures to increase the efficiency for their business processes, while at the same time ensuring the security of these documents which are used in critical business transactions. Example documents include:

  1. Contracts and legal documents: Many countries recognise digital signatures as legally binding, hence they are suitable for such documents, which require authenticated signatures and unmodified assurance.

  2. Sales agreements: Digital signature on these documents protect both buyers and sellers and it provides peace of mind for both parties. Their identities are authenticated, their signatures are legally binding and they know the terms and condition of the agreements are not altered by any third parties.

  3. Banking and financial documents: The financial department of companies can digital sign their invoices and send to their customers. Customers are protected, knowing the payment requests are from authenticated and the true seller, not a bad actor scamming them to send money to a fraudulent account.

  4. Healthcare data: Data privacy is of utmost importance in the healthcare industry, especially patient records and research data. Digital signatures protect the sensitive information contained in these data and make sure they are not altered during sharing between qualified parties.

  5. Government documents: When government agencies handle data, they need to adhere to strict guidelines and regulations. Digital signatures streamline the process by making certain the right people with the right authority can perform government approvals, without being altered illegally.

  6. Shipping documents: Digital signatures help manufacturers reduce costly shipping errors, due to incorrect cargo documents or tampering. Digitally signing shipping documents are much more accessible and safer compared to physical shipping documents.

Start selling digital signing certificates with WebNIC

A digital signature can only be created with digital signing certificates. Therefore, WebNIC has added a new service to provide document signing certificates service to our valued partners. Our digital signing brands include world-renowned brands, DigiCert, Sectigo and GlobalSign to help our partners deliver the best digital signature service. Digital signature is gradually becoming more mainstream and it will evolve into an important must-have when it comes to dealing with documents online! Get started selling today and be a part of this global trend towards a digital signing age!

About WebNIC

WebNIC is an accredited registrar for ICANN, and various countries including Asia, Europe, America, Australasia, and Africa. With offices in Singapore, Kuala Lumpur, Beijing, Taipei and Jakarta, we serve 5,000+ active resellers over 70 countries. To join us and become a reseller, live chat with us or email us at [email protected].

Goodbye SSL/TLS Certificate 2 Years Maximum Validity 21

Goodbye SSL/TLS Certificate 2 Years Maximum Validity

Goodbye SSL/TLS Certificate 2 Years Maximum Validity

In February 2020, Apple has announced groundbreaking news to the SSL/TLS certificate industry during a face-to-face meeting of the Certification Authority Browser Forum (CA/Browser Forum). It has independently declared that starting 1 September 2020, the Safari browser on all of its iPhone and Mac operating systems will no longer trust SSL/TLS leaf certificates with a validity period of more than 398 days, equivalent to a one-year certificate plus the renewal grace period. In other words, any leaf certificate issued after the said date, with a validity period of more than one year, will be classified by Safari browser as an untrusted certificate. Other types of SSL/TLS certs, including intermediates and roots, are unaffected.

An Expected Development

The news comes as no surprise as SSL/TLS certificates’ lifespan has been reduced every now and then throughout the past decade. The validity period of certificates is on a reducing trend, with the most recent reduction to one year, happening soon after 1 September 2020.

Just over a decade ago, SSL certificate providers were selling certificates that spanned between 8 and 10 years. In 2011, the Certification Authority Browser Forum (CA/Browser Forum) was established, which consists of all the certificate authorities (CAs) and big browser makers. They determined that the 8 to 10 years validity period was just too long, and decided to cut it down to 5 years. The same thing happened in 2015, and the validity period was cut down to 3 years. In 2018, it was cut further down to 2 years. Now, Apple is pushing for 1-year certificates by making changes to its Safari browser. Below is what you can expect for this latest development.

Goodbye SSL/TLS Certificate 2 Years Maximum Validity 22

All the major browser makers have for years lobbied to shorten the validity period at the CA/B Forum, especially Apple and Google. They have constantly raised ballots for forum members to cast votes to reduce the term. Last year August, Google’s Ryan Sleevi introduced a ballot at the CA/B Forum that pushed for a maximum one-year validity for SSL/TLS certificates. However, citing concerns and comments from users, which are mostly in objection, most of the major certificate authorities (CAs) downvoted in the ballot and the issue was put on hold. With no concrete decision, Apple has announced in February this year of its unilateral decision to implement the 1-year certificate for its Safari browser.

A Shorter Validity Certificate Has Its Good and Bad

The idea behind a shorter-term SSL/TLS leaf certificate is that the shorter the validity period, the more secure it is. The purpose behind this approach is the browser makers want to make sure that web developers are always using the latest SSL certificate encryption standard and technology. It can be achieved when SSL certificates expire in a shorter time, and they need to be frequently updated more by web developers. Doing so will help browser makers to increase web security for users’ safety.

It also reduces the risks whereby old or neglected SSL certificates are exploited by hackers to perform phishing or malware attacks. Old certificates might be using an encryption technology that was powerful three years ago but is now broken by hackers. That is just how fast things move in the cybersecurity industry. Browser makers are well-aware of this and therefore firmly push for a shorter validity period for SSL certificates. The approach is also believed to be able to effectively reduce the timeframe in which hackers can use to explore how to exploit a certificate. It also makes it less likely in the future that old certificates using retired encryption are still used by web developers and end up being exploited. Through this approach, SSL certificates with new keys will be generated regularly to keep hackers at bay and as a result, reduce their exploitability.

However, with shorter SSL certificate validity period, comes more workload for the web developers or website owners who are managing them. They will be required to increase the frequency of certificate replacement tasks, and it might take up a lot of time if they are managing up to hundreds or even a thousand certificates. The hassle factor is indeed there, which is why many users are against this implementation. It increases their cost and overhead, and it is also prone to more human mistakes and errors due to increased workload and confusion.

How Will This Change Affect Website Owners and Customers?

Safari is the second leading web browser, with a 14.4% market share, as shown in the image below:

Goodbye SSL/TLS Certificate 2 Years Maximum Validity 23

Image from: W3Counter June 2020 (

With an approximate 4.5 billion Internet users around the world, 14.4% equals to roughly 650 million users who are using Safari browsers. Website owners will definitely want to ensure that their websites are trusted by Safari, or risk losing their precious traffic when the privacy error shows up on Safari. Website owners are expected to become more occupied in renewing their SSL certificates on a yearly basis to ensure an excellent customer experience. Website admins will be expected to streamline their existing certificate management practice in order to adapt to this new implementation on Safari. Large organisations with a large number of SSL certificates will be searching for a reliable and automated certificate management solution to reduce manual management and errors.

How Will This Change Certificate Resellers?

For a starter, you can still issue two-year SSL certificates up to 31 August 2020 for your customers to use until they expire. After the said date, it is recommended to issue one-year SSL certificates only, as far as Safari browser is concerned. You can of course still issue two-year certs, but you need to ensure you have a good certificate management solution to keep track of all the two-year certs you previously issued and renew them after one year to continue being trusted by Safari browser.

Certificate Authorities Are Prepared

With all that said, you can still feel at ease, as the leading CAs have early anticipated this development and respectively prepared solutions for it. They have put in place new platforms and certificate lifecycle management solutions and subscription plans to help SSL certificate resellers to adapt to this change. New options and implementation of SSL certificates are ready for web masters to purchase coverage for a more extended period. DigiCert has prepared DigiCert® CertCentral TLS Manager, and Sectigo has developed Sectigo Certificate Manager.

With new platforms and solutions in place, SSL certificate resellers can gain more flexibility in offering automation, multi-year plans and discounts for their customers which sign up for SSL certificates for a longer period. Automation will help to ease the workload in managing their customers. Here are some of the benefits of this approach:

1. Resellers can help their customers to save cost by offering a multi-year price discount.

2. Resellers can help customers to only purchase once without having to worry about it anymore.

It is believed that the change will be a win-win for both parties with the introduction of the new automation solution.


In conclusion, we believe it is only a matter of time before all other major browsers follow in Apple’s footstep. A 1-year certificate is definitely the new common soon. Once any one of the major browser makers does so, CAs know perfectly well they definitely need to change their certificates to a 1-year validity period, as the browser makers are equivalent to the web’s gatekeepers and they hold all the cards. CAs can only follow suit.

However, we are not worried and you should not be, too! CAs are well-prepared and have put in place new platforms and solutions to help manage SSL certificates. We believe it will be a relatively smooth and straightforward transition, and everyone will get to enjoy greater website security and an enhanced certificate management experience.

WebNIC is proud to announce that we now offer DigiCert CertCentral TLS Manager service, which we believe will benefit you greatly. If you have any inquiries, feel free to email us at [email protected] for more info.

About WebNIC

WebNIC is an accredited registrar for ICANN, and various countries including Asia, Europe, America, Australasia, and Africa. With offices in Singapore, Kuala Lumpur, Beijing, Taipei and Jakarta, we serve 5,000+ active resellers over 70 countries. To join us and become a reseller, live chat with us or email us at [email protected].

Build an All-round Protection for Business Digital Identity 24

Build an All-round Protection for Business Digital Identity

What is a Digital Identity?

A digital identity is equally important to a physical identity in the real world, except that it exists in the digital landscape. Just like in the real world, when opening a bank account, renting a car, buying an insurance, you need to present your identity card for the respected parties to confirm your identity, so that they can confirm you are who you claim to be.

The same goes for any business that has established a presence on the Internet. Website visitors need an assurance for the business’s digital identity, and that they are truly dealing with the real authentic business. They need safety indicators to be sure that they are not dealing with some fraudsters or scammers, pretending to be the business entity and tricking them into submitting their private and confidential information. In fact, businesses which do not have a secured digital identity is one of the many causes for the alarming rate of cybersecurity incidents that took place in recent years.

The crucial point here is, all businesses must place protecting their digital identity as a main priority and a core business process to protect themselves, as well as their customers online. We outline below the importance of protecting digital identity.


The Importance of Protecting Digital Identity

Build a strong brand reputation, trust and credibility

Businesses which have a secured digital identity are more likely to score more merit points from users, which will help to build a better brand reputation, a higher trust level from customers and a higher level of credibility. Many customers are now increasingly more aware of cybercrimes and consider their online safety as an important factor before performing any online transactions with any business.

A secured and protected digital identity helps businesses to send safety indicators to potential customers. These signals serve as a powerful way to encourage customers confidence that the business is real, and they can safely perform any form of transactions with it online, knowing that their data is in safe hands.

Business owners must take securing digital identity seriously, because the brand reputation, trust and credibility are at stake here. There is this saying by Warren Buffett:

“It takes 20 years to build a reputation and five minutes to ruin it.”

Businesses which keep this in mind will then start to view securing a digital identity differently.

Prevent fraud cases and brand theft

Businesses who protect their digital identity enjoy a lower risk of cyberattacks. We all know very well that cyberattacks are happening frequently around the world, as they have appeared in news headlines a lot. It is safe to say that cybersecurity risk is inherent as long as the business uses any form of Information Technology (IT) to operate the business, such as using the Internet, send/receive emails, owns a website, selling online or using any forms of software.

All of these lie hidden risks that can be exploited by ill-intentioned individuals to perform criminal activities, examples which include using the business’s name to perform email frauds and phishing activities, or pretending to be the brand to scam unsuspecting individuals of their confidential information or monetary gains. Some criminals also carry out brand theft activities, to the extent of even making near perfect copies of brand websites to deceive the general public to perform financial transactions.

These examples show how crucial it is for businesses to take steps to protect their digital identity. It is in the best interest of business owners to ensure that their brands are not being taken advantage by scammers and fraudsters. Protect digital identity to prevent fraud cases and brand theft, which will hurt a brand’s reputation.

Businesses protect themselves, their customers and their private information

A secured digital identity also helps businesses to protect themselves, as well as their customers and their private information. It ensures the process of data exchange is completed correctly and prevents malicious hijacking by hackers and evil players. Data exchange can exist in the form of email and documents exchange, email exchange, software exchange or even the connectivity of Internet of Things (IoT) devices. The outcome of securing digital identity is that it can help businesses to save themselves from a lot of headaches and troubles that might arise from digital security issues.

For example, the first and foremost is the business’s identity. With a secured digital identity well in place, any business can inform its contacts that every single dealing is strictly true and authentic only if these signs are present. Else, all others are false or pretenders. Such a way can be implemented on websites, emails, documents and software programs. Doing so can help to educate customers to exchange data with only approved individuals or entities, thus preventing them from submitting data to unauthorised parties. In a way, a secured digital identity protects them and their private information, too.

It is without doubt that business owners must understand the importance of securing digital identity for their businesses, and that it must be placed as a core process of running a business. It will definitely save them a lot of time and money down the road, when it comes to dealing with digital security issues.


DigiCert Offers a Comprehensive and All-round Protection to Businesses

DigiCert, a world-renowned Certificate Authority (CA), offers a wide range of tool and tactics to secure businesses and help them protect their customers. A digital identity protection can be achieved in the following aspects, and DigiCert offers solutions for each of them.

Email & Document Security

Businesses deal with a lot of emails and documents in their operations. They are a necessity in ensuring a smooth operation for businesses. However, they also pose a security risk which might compromise a business’s digital identity.

DigiCert offers a solution of personal certificate. It enhances security by implementing documents and emails digital signing. Employees use their personal digital sign to notify receivers of the authenticity of the documents. It also comes with email encryption, in which only the intended receiver has the decryption to open and view the contents.

Software Security

Businesses now operate in a highly digitalised space, and make use of many different software for work efficiency. Software is like a car and must be routinely maintained and updated to solve bugs and errors. However, there lies a risk in which hackers can hijack the maintenance and upload malicious code and malware.

DigiCert offers a solution of code signing certificates. These kinds of certificates inform users that the update is authentic, and they can safely download and execute it. The developer has digitally signed the code to protect the integrity of the code, and that it has not been tampered with.

Website Security

Businesses use websites to establish their online presence. They are equivalent to the lifeblood of their digital identity. However, as mentioned before, hackers can create a near perfect duplicate of the websites to scam and fraud unsuspecting individuals.

DigiCert offers a solution of TLS/SSL Certificates to secure business websites. Read here to understand the importance of SSL Certificates. Having these certificates is like shouting to the public, this website here is the true website, as its owner has been reviewed and authenticated by us. That is why you see this TLS/SSL Certificate stating the identity of the website owner. All others are imposers and you should not deal with them.

There is a wide range of SSL Certificates on the market. Read here to understand how to choose the right SSL Certificate for your website.

Internet of Things (IoT) Security

The human race is entering the IoT era where more devices than ever are interconnected with each other to work together and make life better and more convenient. Imagine smart devices, self-driving cars, smart homes, public connectivity all interconnected. Millions of connectivity will be implemented and how should we secure them from hackers.

DigiCert offers a solution to create and manage millions of IoT certificates for all the devices, from a single platform. How convenient is that! No more human errors from managing them. Trust in a machine, not a human!

The illustration below is a summary of DigiCert’s comprehensive and all-round protection for businesses in the digital landscape.

DigiCert All-round Protection



Protecting digital identity should be treated as a vital business process and has to be taken seriously by business owners. With an increasing number of cybercrime cases and online fraud cases, businesses cannot ignore this risk and must be prepared always to protect themselves and their digital identity in the vast Internet landscape.

At WebNIC, with the assistance from DigiCert as our valuable partner, we are always advocating to enhance web security. We offer a comprehensive and all-round digital identity protection to businesses, including protection of website, email, documents, software and IoT devices. If you need any digital identity protection solution, we are always here to help.

We are also looking for interested partners to be a part of us to stand strong with us to build awareness for web security and to make the Internet a better place for all. Come join us and DigiCert now!

About WebNIC

WebNIC is an accredited registrar for ICANN, and various countries including Asia, Europe, America, Australasia, and Africa. With offices in Singapore, Kuala Lumpur, Beijing, Taipei and Jakarta, we serve 5,000+ active resellers over 70 countries. To join us and become a reseller, live chat with us or email us at [email protected].

SSL Certificate Site Seal Indicator and Its Importance 25

SSL Certificate Site Seal Indicator and Its Importance

What is an SSL Certificate Site Seal?

An SSL certificate site seal is a visual indicator on a website that provides security confidence to users. It comes with SSL certificates and it can be installed easily. After installing it, a small graphic will appear on the website, stating that the website is secured, and by which Certificate Authority (CA).

SSL certificate protection has a few trust signals that will show on a website, and a site seal is one of them. It is a method to display security on a website to give users higher levels of confidence, and reassures them their connection is encrypted and protected from attackers. A site seal is equivalent to a trust mark.


Static Site Seal vs. Dynamic Site Seal

There are two types of site seals, namely static and dynamic. The type of SSL certificate you choose to purchase will determine whether you get a static site seal or a dynamic site seal. Take a look at the illustration below for the differences between them.

SSL certificate site seal


Every SSL certificate is associated with either a static or a dynamic site seal. Before purchasing any particular SSL certificate, it is worth checking out which type of site seal it offers.

View our range of SSL certificates here: DigiCert, Sectigo and GlobalSign.

The Benefits of Installing a Site Seal on a Website

A site seal that comes with an SSL certificate functions as a strong trust indicator. It helps website owners to gain trust from website users easier and almost instantly. According to a survey done by Econsultancy/Toluna, 48% of participants indicated that trust marks provide the highest sense of trust when they are visiting a website.

A higher sense of trust will then result in a raise in website conversion rate. Blue Fountain Media did a split test on how adding a site seal affects trust and conversion rate. The results showed that the page with a site seal outperformed the page without one by a 42% increase in conversion.

An eye-tracking investigation by CXL also showed that users check for the presence of a site seal when submitting their info via a form. It is important because site seal adds credibility and reassurance for users to interact with a website. Therefore, the benefit that a site seal provides is to build a high level of trust and thus a higher conversion rate for your desired user actions.

CXL eye track investigation

Image source: CXL


◆◆◆◆  View our range of SSL certificates here: DigiCert, Sectigo and GlobalSign. ◆◆◆◆


SSL certificate site seal is a great trust indicator for website owners to put on their websites, especially on e-commerce related websites. It imbues a higher level of confidence and trust for website visitors to provide their information. Trust is an important factor that must be placed as the first priority by any website owners, and displaying a site seal is one of the simplest and best approach to build up trust.

About WebNIC

WebNIC is an accredited registrar for ICANN, and various countries including Asia, Europe, America, Australasia, and Africa. With offices in Singapore, Malaysia, Korea, Indonesia and Taiwan, we serve 4,500+ active resellers over 70 countries. To join us and become a reseller, live chat with us or email us at [email protected].

The Benefits of Buying a Wildcard SSL Certificate 26

The Benefits of Buying a Wildcard SSL Certificate

The Benefits of Buying a Wildcard SSL Certificate

SSL certificates play an essential role in website security due to their importance in protecting data transfer. Wildcard SSL Certificate offers many benefits to website owners, specifically owners that have multiple subdomain websites. It is one of the many multiple-use SSL certificates available on the market. If you have clients who own multiple subdomain websites, then you should consider recommending your clients to buy a Wildcard SSL Certificate for their sites. The question is, what is a Wildcard SSL Certificate, and what are the benefits you can present to your clients when encouraging them to buy it?

What is a Wildcard SSL Certificate?

Wildcard SSL Certificate is one of the many options for multiple-use SSL certificates, along with other options on the market, such as multi-domain (SAN) SSL certificate and Unified Communications Certificate (UCC). These certificates are similar in terms that they can protect multiple domains with just a single issued certificate, which means one certificate to protect multiple domains (multiple uses).

The way to implement a Wildcard SSL Certificate is effortless and straightforward. All it requires is during the configuration process of the Certificate Signing Request (CSR), the admin needs to just put an asterisk in front of the main domain that requires protection in the fully qualified domain name (FQDN) slot.

For example, a Wildcard SSL Certificate with * can protect unlimited subdomains, as shown below:


Similarities of Wildcard SSL Certificate to Regular SSL Certificate

Wildcard SSL Certificate is similar to any other SSL certificates in that it uses the same industry-standard encryption protocol, the 2048-bit RSA signature and up to 256 bits encryption. This standard makes it impossible for hackers to intercept data transmission to steal the info contained in it.

Besides that, a Wildcard SSL Certificate protects all the domains and subdomains similarly to a regular SSL certificate. The process behind establishing a secured connection for data transfer for both Wildcard and regular SSL certificates are identical. Read here to understand how SSL certificates work.

In addition, a Wildcard SSL Certificate works across many different kinds of servers and browsers, similar to the regular SSL certificates. It does not require any specialised technical knowledge to implement or any specific server or browser requirements. System admin can easily configure, implement and install a Wildcard SSL Certificate just like a regular single-domain SSL certificate.

The Advantages of Choosing a Wildcard SSL Certificate

  1. Save time and money

    As mentioned above, the best advantage of choosing a Wildcard SSL Certificate is that it allows for a single certificate to be used to protect the main domain and unlimited subdomains of a website. Website owners need to buy only a single Wildcard SSL Certificate to secure all their domains. They need not buy a single-domain SSL certificate for each and every domain of their websites. This approach helps website owners to save time and money in buying SSL certificates. For example, a website owner may own up to 10 subdomains, and it can become quite costly and time-consuming to purchase and setup 10 individual single-domain SSL certificates for each subdomain.
    From the financially view, assume that the average price of a single DV SSL certificate is around $7.00/month, and the cost of 1 year totals up to $84.00. 10 domains equal to $840.00 per year. If the owner purchases a Wildcard SSL Certificate, which is usually at an average price of $600.00 per year, he/she will be able to save a few hundred dollars every year. It is beneficial to the business in the long run. The owner also saves much time in installing a single Wildcard SSL Certificate only, as compared to installing 10 times for each individual single-domain SSL certificate.

  2. Simplify the management process

    Wildcard SSL Certificate also saves the owner many hours of workload in terms of installing, monitoring and managing the SSL certificates of many domains. It helps to simplify the entire SSL certificate management process. As a Wildcard SSL Certificate allows a single certificate to protect the main domain and all unlimited subdomains, it brings much convenience to the administrator when working with it. Handling one certificate is without a doubt easier and more manageable then handling dozens or even hundreds of SSL certificates separately.
    The situation of managing a large number of SSL certificates can even be more troublesome when it concerns OV SSL certificates. The verification process of OV certificates is more demanding, and imagine handling a large number of OV certificates. It is during a situation like this that buying a Wildcard SSL Certificate makes more sense than handling multiple SSL certificates. Simplifying the management process of SSL certificates with Wildcard SSL Certificate is a more practical solution.

  3. Secure the main domain and unlimited first-level domains

    A Wildcard SSL Certificate is more convenient due to its ability to secure and protect the main domain, as well as any number of first-level subdomains with a single certificate. Your clients can setup an unlimited number of subdomains, subject to the certificate issuer’s allowed number, but this number is usually far bigger than what they might possibly need. Another thing worth mentioning is that once a Wildcard SSL Certificate is issued, whenever your clients deploy a new subdomain protected by the certificate, there is no need to wait for the issuance of the certificate. They can instantly launch the subdomain, and it is immediately secured by the Wildcard SSL Certificate, saving deployment time.

  4. Reduce the possibility of costly human errors

    Sometimes, human mistakes in managing SSL certificates can be costly to a business, in terms of loss of reputation, loss of customer confidence, financial loss or loss of business. The cause to this can be as simple as forgetting to update expired SSL certificates, entering wrong business credentials or system configuration errors etc. Managing a single Wildcard SSL Certificate can definitely reduce to a great extent, the possibility of human errors, as compared to managing many SSL certificates.
    As in the case of the 2017 Equifax data breach incident, an expired SSL certificate on one of its internal security tools is the cause of it. It is without a doubt a human error which failed to track the SSL certificate and eventually caused the hefty fine of $700 million for Equifax.

Our Range of Wildcard SSL Certificate

DigiCert Wildcard SSL
Geotrust True BusinessID Wildcard Certificate
GeoTrust QuickSSL ®Premium Wildcard Certificate
RapidSSL Wildcard Certificates
Symantec Secure Site Wildcard
Thawte SSL Web Server Certificate Wildcard
Sectigo EnterpriseSSL Secure Site Pro Wildcard
Sectigo PositiveSSL Wildcard
SectigoSSL Wildcard
Sectigo PremiumSSL Wildcard
GlobalSign AlphaSSL Wildcard
GlobalSign DomainSSL Wildcard
GlobalSign OrganizationSSL Wildcard
Contact us now at [email protected] for more info on understanding which Wildcard SSL Certificate is suitable for your clients.


We hope this article helped you to understand what is a Wildcard SSL Certificate and the benefits of using it. You should definitely recommend it to your clients who have websites with many subdomains. It saves time and money, simplifies certificate management, secures the main domain and unlimited subdomains, as well as reduces costly human errors. Drop us an email at [email protected] or live chat with us if you need any other assistance or clarification when promoting Wildcard SSL Certificate to your clients!

About WebNIC

WebNIC is accredited registrar for ICANN, and various countries including Asia, Europe, America, Australasia, and Africa. With offices in Singapore, Malaysia, Korea, Indonesia and Taiwan, we serve 4,500+ active resellers over 70 countries. To join us and become a reseller, live chat with us or email us at [email protected].

How to Choose the Right SSL Certificate for a Business? 27

How to Choose the Right SSL Certificate for a Business?

How to Choose the Right SSLCertificate for a Business?

Choosing the right SSL certificate for your client’s business can be a challenging task. This is because there are many different brands of SSL certificates:

How to Choose the Right SSL Certificate for a Business? 31
How to Choose the Right SSL Certificate for a Business? 32
How to Choose the Right SSL Certificate for a Business? 33
How to Choose the Right SSL Certificate for a Business? 34
How to Choose the Right SSL Certificate for a Business? 35
How to Choose the Right SSL Certificate for a Business? 36
How to Choose the Right SSL Certificate for a Business? 37

Each brand further offers different types of SSL certificates, namely Domain Validation (DV) SSL certificates, Organisation Validation (OV) SSL certificates and Extended Validation (EV) SSL certificates. In addition, SSL certificates can also be classified based on the number of domains they secure, namely single domain certificate, wildcard certificate and multi-domain certificate. Therefore, it is not surprising that you might find it quite confusing to choose the right SSL certificate for your client’s business needs. The question is, what factors should you consider when choosing an SSL certificate for your clients?

The Factors to Consider When Choosing SSL Certificate

  1. The nature of the business and the data collected

Every business’s nature is different and operates with different data requirements. Some businesses might need to collect more confidential and personal data, whereas some businesses do not need to collect as much data. For example, financial institutions require more personal information, whereas a blog usually requires less information from the readers. The nature of the website and the data collected is an important consideration factor when deciding on what SSL certificate to choose.

The main takeaway point here is, if the nature of the business requires the collection of highly confidential personal data, such as credit card info, personal identity info, bank details etc., then an OV or EV certificate is strongly recommended. On the other hand, if the business does not obtain any financial info, then a DV certificate should be sufficient.


  1. Website structure and the number of domains you need to secure

Every website has their unique construction and architecture. It is an essential factor when it comes to choosing the right SSL certificate. It is an undeniable fact that the design of the customer experience for each website can be very much different. Some websites have all their critical pages under one domain/subdomain, and some websites can have their key pages on multiple domains. Some major websites even need a large number of domains or subdomains for its operations and contents, such as a news website (BBC, CNN), a multinational corporation website (Toyota, Adidas) or a content-heavy website (YouTube, Amazon).

Therefore, to choose the right SSL certificate for your client’s business, one of the most important factors to consider is the website structure and the number of domains to be protected. The main takeaway, buy a wildcard certificate if the website uses only a main domain, and its subdomains are not more than one level from the main domain. Buy a multi-domain SSL certificate if the website uses multiple domains and subdomains.


  1. Budget

SSL certificates can cost anywhere from a few couple of dollars to a few hundred dollars per year, and the budget your clients have is a factor to consider when choosing the right SSL certificate for business. It is the best interest of any website owners to reduce their costs of running a website, and saving on SSL certificates is one of the main ways to cut cost. As mentioned in the previous points, it is important to do a detailed analysis of the website to understand the best SSL certificate that suits their needs and sell accordingly.

The important takeaway here is to choose the right SSL certificate that fits your client’s budget. It is not necessary to sell them a certificate that exceeds their needs, or they cannot afford, nor is it feasible to sell them a certificate that cannot protect all of their websites. Align their budget with the most suitable SSL certificate.


  1. The importance of trust level in the industry

Trust level is an essential factor when it comes to determining the right SSL certificate to buy. Some industries require a high level of trust in order for a business to operate in, such as the financial industry, the healthcare industry, the e-commerce industry, etc. As these industries deal with extremely confidential data, it is only natural that a high-level trust certificate is required, and that is the EV certificate. If a business takes customers’ trust seriously, it will buy a high-level trust certificate to safeguard its customers as much as possible. Or if the trust level in the industry determines the life or death of the business, then it is to the best interest of the business to choose SSL certificate with a high trust level. On the contrary, if the industry does not rely heavily on the trust level, and a certain level of trust is sufficient, then expensive certificates might not be necessary.

The key point, choose the right trust level of SSL certificates that matches the required trust level of your client’s business industry.


  1. Other factors worth consideration

There are also more factors you can consider when choosing the right SSL certificate for your clients. Some of them include the brand of the SSL certificate, the time it takes to issue, the validation type and the warranty. It is important to buy from well-known and trusted brands. Some brands might not be reliable and will cause you headaches. Another thing to consider is how fast do you need the certificate to be issued. If fast issuance is a priority, then DV certificates are the right choice. If trust is a priority, then OV or EV certificates are more suitable. A stronger validation type of SSL certificate requires more human work and therefore, will be slower in terms of issuance time. The certificate’s warranty can also be taken into consideration. If a business deals with a high amount of transactions, then certificates with a high amount of warranty are preferred.

The key point here, you can consider brand, issuance time, the validation level and the warranty amount when choosing the right SSL certificate for your clients. Choose good brands, select certificates that fit their timeframe, their validation level requirements and their preferred warranty amount.


  1. Customer support

Customer support also acts as an important factor in choosing a suitable SSL certificate. There might be times when your clients’ certificates face technical errors or installation errors. You will need support, and this is why it should be a consideration factor when selecting the right SSL certificate for your clients. You certainly would not want to choose SSL certificate providers that offer a bad customer support experience.


In conclusion, there are many types of SSL certificates on the market, and it can be quite challenging to recommend the right one for your clients. Every client has different needs, and you need to be able to identify the most suitable SSL certificate for them. If in the future you are unsure how to recommend, you are most welcomed to refer back to this article for help. Remember to consider these when choosing the right SSL certificate, the business nature, the website structure and its domains, the budget, the specific industry’s trust level, other factors such as brand, issuance time, validation type, warranty and last of all the customer support.

WebNIC offers a wide range of SSL certificates that fit different business needs. No matter what nature of the business your clients are in, what their website structures are, what their budgets are or what level of trust is required, our SSL certificate products can satisfy different requirements. Most importantly, we offer 24/7, 365 days of customer support. If you need assistance on any SSL certificate issues, we will always be there to help you. Check out our range of SSL certificates now!

About WebNIC

WebNIC is accredited registrar for ICANN, and various countries including Asia, Europe, America, Australasia, and Africa. With offices in Singapore, Malaysia, Korea, Indonesia and Taiwan, we serve 4,500+ active resellers over 70 countries. To join us and become a reseller, live chat with us or email us at [email protected].

The Importance of SSL Certificates for Websites 38

The Importance of SSL Certificates for Websites

SSL certificate is an important safety requirement for any websites. It is an essential part of website security and plays a crucial role in protecting data transfer between a browser and the website server. Many Internet users are now more aware than ever of website security, due to so many website safety issues being reported by the mass media, especially data breach cases. SSL certificate has become a fundamental aspect of owning and running a website.

What is an SSL certificate?

SSL certificate is a digital certificate technology that provides authentication and encrypts data that is transferred from a website to a server, or vice versa. Applying for an SSL certificate requires certain procedures that authenticate the owner of the website. A website secured with an SSL certificate can be seen by indicators on the website browser. The indicators include a small padlock before the website URL, the “https” in the URL and also the secure message displayed when clicking on the padlock, as shown below:

The Importance of SSL Certificates for Websites 39
The Importance of SSL Certificates for Websites 40

The presence of an SSL certificate on a website provides users with an assurance that the website owners are verified, and the data transit process is encrypted. Data encryption protects the data from being read or intercepted by any third parties, and only the intended sender and receiver will be able to decrypt the data. SSL certificate facilitates and safeguards communication message so that it cannot be read or stolen by the wrong parties.

How does an SSL certificate work?

SSL certificate is an encryption technology that uses two concepts, asymmetric cryptography and symmetric cryptography. The process of establishing a secured connection over SSL will require two steps, the SSL handshake and the actual data transfer.

The first step is called an SSL handshake, which utilises the asymmetric cryptography concept. Under this concept, a mathematically-related key pair is created, which consists of a Public Key and a Private Key. The Public Key is shared with anyone interested to establish a communication with a server, while the Private Key is kept secret. A browser initiates the connection and receives the Public Key from the server. It then verifies the Public Key against data from the issuing Certificate Authority (CA) and ensures the Public Key is valid. This step authenticates the server as legitimate and will establish a secured connection for actual data transfer. If the Public Key is invalid, then the connection will fail, and data transfer will not happen. The first step, SSL handshake, is only considered complete if the Public Key has been validated.

In the second step, the actual data transfer will start by utilising the second concept, symmetric cryptography. Under this concept, a session key will be generated, which encrypts and decrypts data. Both the browser and the website server will share the key, which is only known to them. Any data that is transferred will be encrypted by the session key and can only be decrypted with the same key. This ensures a secured and safe process of transmitting data.

Websites with SSL certificates will need to go through these two steps to establish a secured connection for data transfer. All these extra steps will enhance security and safeguard users’ data so that the data they submit are protected from interception by third-party.

The importance of SSL certificate

  • SSL certificate increases conversion by building customers’ trust and confidence.
    SSL certificate increases the trust of customers, as it indicates that a website is safe for users. Customers are now more aware of website security, and SSL certificate is one of the most important signs they look for when visiting a website. They will be more confident, knowing that their data is properly encrypted and secured, thus increasing their willingness to convert as a paying customer.
  • SSL certificate authenticates the identity of website owners.
    Applying for an SSL certificate involves a process which requires authenticating the identity of the website owner. The Certificate Authority (CA) which issues the SSL certificate will request a website owner to perform specific actions, and in the process will verify him/her as a legitimate owner. Websites with SSL certificate assures that a website owner has been verified and therefore is much safer than a website without an SSL certificate.
  • SSL certificate establishes a secured connection for safety and integrity of data transfer.
    SSL certificate establishes a secured connection to protect data transfer. Any data sent will be encrypted and cannot be easily intercepted or viewed by anyone. In order to view the data, only the right corresponding key can decrypt the data, where only the intended receiver will have. This step ensures the safety and integrity of the data that is transferred.
  • HTTPS increases security levels to pass the security check of major Internet browsers.
    Many modern Internet browsers now have security features which scan a website to check if it is safe for users. SSL certificate ensures that there are no security warning messages which might cause users to leave a website. The best example is when Google made SSL certificates mandatory for all websites in 2018. If a website has no SSL certificate, Google Chrome browser will display a security error message as shown below, and many users will leave due to the message. SSL certificates ensure this does not happen.
    The Importance of SSL Certificates for Websites 41
  • Satisfy PCI DSS security compliance for online payments and transactions.
    If business owners are looking to implement online payments and transactions, they will need to satisfy PCI DSS security standards. PCI DSS stands for Payment Card Industry Data Security Standard, and one of the requirements is to have SSL certificates installed on their website. SSL certificates make the process of implementing online payments and transactions faster and easier.

The three main categories of SSL certificate

  • Domain Validation (DV)
    DV certificate only requires authentication of domain ownership, and the validation level is the lowest. It is suitable for websites which need fast issuance, but it is less secure because anyone can get a DV certificate issued.
  • Organisation Validation (OV)
    OV certificate requires validating the domain ownership, as well as the applicant’s organisation information to make sure it is an actual organisation. The validation level is higher than DV, as CAs take additional steps to verify organisation against public government information website or an approved third-party website before issuing OV certificates.
  • Extended Validation (EV)
    EV certificate has the highest trust level. Certificate Authority (CA) takes complete steps to perform full validation of the applicant, including the validation steps in DV and OV certificates. CA will also contact the applicant through phone and verify the applicant is a legitimate business.

Not sure which category of SSL certificates to choose? Check out our guide here.


SSL certificates are now extremely important for any websites. It is now one of the most critical safety standards for modern websites. It builds trust and confidence of customers, authenticates website ownership, provides a secured connection for data transfer, increases security levels to meet modern Internet browsers’ safety requirements, as well as satisfy PCI DSS security compliance for online transactions. All these will provide a substantial advantage for any businesses that have an online presence in the long run.

WebNIC offers a wide range of SSL certificates that fit any businesses, from small and medium enterprises to big multinational corporations. It is important to encourage your customers to buy SSL certificates as they benefit their businesses in the long run. If you are unsure how to sell SSL certificates to your customers, contact us at [email protected] and let us assist you. We will help you to set up and guide you in selling SSL certificates.

About WebNIC

WebNIC is an accredited registrar for ICANN, and various countries including Asia, Europe, America, Australasia, and Africa. With offices in Singapore, Malaysia, Korea, Indonesia and Taiwan, we serve 4,500+ active resellers over 70 countries. To join us and become a reseller, live chat with us or email us at [email protected].

Advanced Web Security Steps to Protect Your Website 42

Advanced Web Security Steps to Protect Your Website

Advanced Steps to Increase Web Security

Website security is a challenging issue and is extremely important to protect your customers. Every website must be at least doing these basic steps to protect their customers from common web security threats. However, there are some advanced steps you can take to ensure a higher level of website security. These steps are well-established standards in web security and will help a lot in the long run. However, these steps are more technical and might require an IT professional to help. Below are the more advanced steps.

1) Take Precautions With File Uploads or Restrict Them Entirely

File uploads functionality of a website can be abused by hackers to compromise web security. Hackers will take advantage of it and upload malicious files containing scripts that overwrite important files of the website or even upload a file big enough to crash a website. They can upload files with scripts that exploit vulnerabilities of a website, and take over the website to perform illegal activities.
It is best recommended to avoid file uploads entirely to increase web security. However, if this function is necessary and required, at least restrict the types of files that can be uploaded. Take some steps to handle file uploads, such as filter the types of files that are allowed to be uploaded, analyse the file type, set a maximum file size, scan the files for malware, rename the files upon upload or store uploaded files in a separate location from the webroot. All these steps are very technical, and it is recommended to have an IT professional to help implement them.

2) Use Parameterised Queries

SQL injections are one of the most common web security issues. Many websites have fallen victim to SQL injections and resulted in a data breach. Many hackers use web forms to launch SQL injection attacks. They insert code into the web forms, which allows them access to the website’s database to steal data. It is important to prevent SQL injections to safeguard a website’s customer database. Parameterised queries restrict the web forms inputs and reduce the chance of attack. This step requires the expertise of an IT professional and is very effective in preventing SQL injection attacks.

3) Use Content Security Policy (CSP)

Cross-site scripting (XSS) is a web security exploitation used by hackers to insert malicious JavaScript code to execute on a website visitor’s device. It is similar to SQL injection, and website owners can take steps to restrict functions or fields that accept input from website visitors. The strategy to increase web security against XSS is to use CSP. It is a tool that can specify which domains a browser considers as valid sources of executable scripts. It lets the browser know not to pay attention to scripts from sources other than the valid sources. Implementing CSP to increase web security requires an IT professional.

4) Choose a Safe Web Hosting Plan

To increase web security, it is important to select a safe web hosting plan. The web hosting company must have security on its servers to protect websites. It is also recommended to prevent free hosting plans or shared hosting plans. The cost of hosting might be attractive for these plans, but most of the time they come with certain compromises on security. If other websites hosted on the server of these hosting plans are compromised, hackers can easily gain access to the server, and all websites hosted on the same server cannot escape from the hackers’ grasp. They can easily take over any websites to perform illegal activities. Therefore, it is important to select a good and safe web hosting plan to increase web security, although they might be costlier.

5) Protect Website File Directory and Permission

Adjust website CMS settings to limit user permissions and file permissions. Hackers now use bots to scan for websites using default CMS settings, which allow them to search for attack targets easily. This way, they can attack numerous websites easily with the single same malware or virus.
Adjusting website CMS settings will make it hard for them, preventing the website from being an easy target for them to find. It also improves the security of a website’s directory, which limits users’ write and read permissions on essential website files. The most important thing is to prevent hackers to easily read and write these files to take over the website.


From here onwards, web security will become more and more significant. With the forthcoming of Internet of Things (IoT) where thousands if not millions of devices will be interconnected, web security is poised to be an integral part of it all. Many people are more aware than ever of the importance of their data. With so many devices collecting data, advanced web security might even become the necessary fundamentals behind them. In case advanced security is just too difficult to understand, you can read here to learn about the basics of improving website security first.
If you are unsure about implementing web security for your website, WebNIC is here to assist you. We offer the industry’s leading web security solutions with value-added services. If you need any help, you are most welcome to contact us at [email protected] Or you can live chat with us by clicking the green button at the bottom right of our website.

About WebNIC
WebNIC is accredited registrar for ICANN, and various countries including Asia, Europe, America, Australasia, and Africa. With offices in Singapore, Malaysia, Korea, Indonesia and Taiwan, we serve 4,500+ active resellers over 70 countries. To join us and become a reseller, live chat with us or email us at [email protected]

Back To Top