SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a web browser. When you access your website normally you access it over port 80. Port 80 is a not an SSL connection. There is no encryption over this port. Shared SSL works over port 443. The data that travels over port 443 will be encrypted using SSL.
If you have ever visited a website using the https:// in the address bar you were creating a secure connection via SSL. If you have an e-commerce shop or sell items via a website, SSL helps establish trust with your customers. They can be assured your website is who you say it is.
What is an SSL Certificate?
Most SSL Certificates contain the domain name, company name, address, city, state, and country. It also contains an expiration date of the certificate and the details of the Certificate Authority (the company who issued the SSL). When a browser attempts to establish an SSL connection to a website it checks to make sure the certificate is not expired, has been issued by a trusted authority, and is being used for the correct website. If any of these checks fails your web browser will display a warning letting the user know that the site is not secured by SSL.
What is it used for?
There are two main reasons why you would need an SSL Certificate. The first and most common reason is because you want to accept credit card payments on your website. The second reason is that you may have confidential information that you want to keep secure while it is being accessed via the web. SSL Certificates also help to protect your passwords from being intercepted, when typed into a secure login page.
Do I need one?
If you are accepting credit card payments online via a merchant account, the credit card associations and networks require that you use SSL whenever you transmit credit card information, such as the card number, card holder's name, expiration date, CVV code, etc. (such as when a customer enters their credit card on your shopping cart order form or payment page).
This is an important part of making your website PCI compliant (a set of rules that must be followed in order to accept credit card payments).
In addition to being PCI compliant (which is required by Visa, MasterCard, Discover Network, American Express, Diners Club International, JCB and your payment processing company), your customers also look to see if your order form or shopping cart is secure before entering their credit card information. You can easily lose sales if your customers see that your site is not secure.
If customers are not entering credit card information directly on your website, but rather entering it directly on a payment processing company's website, such as PayPal, Google Checkout or Amazon Payments, then you do not need an SSL Certificate, since you are not transmitting or storing credit card information.