
Is SSL certificate required by law for ecommerce stores?



A presentation on SSL certificates and their requirements.

Plus, answering the question: "Is the SSL certificate required by law for ecommerce stores?"

Read related blog post here:

Published in: Law


  1. Is SSL required by law for e-commerce stores https:
  2. SSL stands for Secure Sockets Layer. SSL ensures that any data or information a user submits to the website, such as credit card information to make a purchase, will be protected and private.
  3. To view more information about an SSL certificate, users can click on the Details link, then click View Certificate.
  4. Here's an example of how the Shopify website shows up as being secure.
  5. What is PCI DSS Compliance: PCI DSS stands for Payment Card Industry Data Security Standard. This standard was created in an attempt to help protect credit card companies by requiring that merchants and companies that process, store or transmit credit card information maintain a secure environment.
  6. Complying with PCI DSS: Being compliant with PCI DSS means meeting the following list of 12 requirements.
  7. Complying with PCI DSS: Ecommerce stores that use some third party ecommerce platforms, such as Shopify, Bigcommerce and others, will have all of these requirements taken care of by the third party and won't have to maintain a separate compliant network.
  8. Keep users informed through a Privacy Policy: To make sure your customers feel comfortable shopping at your store, you should make mention of the security of user data in your Privacy Policy agreement. You can also include a note that your store uses SSL certificates.
  9. Examples: Nike includes a section titled "Protecting Information" in its Privacy Policy. Enjuku Racing includes a section on "Security" in its Privacy Policy.
  10. NIKE SHARING Information that is publicly shared may be used by Nike for promotional purposes. PROTECTING INFORMATION Security Measures: We use a variety of security measures, including encryption and authentication tools, to help protect your information. We use secure servers when you place orders. All credit card information you supply is transmitted via Secure Socket Layer (SSL) technology and then encrypted within our databases. NO GUARANTEE However, like other companies, NIKE cannot guarantee 100% the security or confidentiality of the information you provide to us.
  11. SECTION 5 - SECURITY To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with an AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
  12. Is SSL Required or Not: There isn't currently a law that requires you to have a "Security" clause in your Privacy Policy agreement to inform customers about your ecommerce store's use of an SSL certificate and how their credit card data is protected by your store. But privacy laws, in general, demand that ecommerce stores take care of customers' personal data by protecting their privacy and keeping them informed of privacy practices, including policies on safety and security of data.