SSL: now essential for every website and webshop

Many websites and webshops still have little or no SSL protection

It's very important for a webshop or website to have a functional SSL certificate. An SSL certificate is a protocol for data encryption, which prevents cybercriminals getting hold of your customers' personal data, passwords, PINs, and bank and credit card details. Various types of SSL certificate are available. So how do they differ, and which is best for your site?

New legislation

If you run a webshop or website that handles personal data, you're required by law to secure the exchange of that data over the internet. In the Netherlands, failure to provide adequate security is a breach of the Data Protection Act. Nevertheless, many websites aren't protecting visitors against fraud and other abuses of their personal data. An SSL certificate guarantees visitors the privacy that the law demands. And the importance of ensuring privacy becomes even greater on 25 May, when the General Data Protection Regulation comes into force. Under the new rules, website proprietors can face heavy fines if their security isn't up to scratch.

Various types of SSL

There are three types of SSL certificate. They differ in terms of data verification, or the validation method used when the certificate is issued. The more thorough the issue validation method, the more information the SSL certificate contains.

  1. Domain validation

    A domain SSL certificate confirms only the identity of the domain's registrant. The registrant's details are checked against the Whois data recorded for the domain name. Because the identity of the associated company isn't verified, a domain SSL certificate is appropriate mainly where data needs to be sent securely, but the identity of the website is less important.

  2. Organisation validation

    An organisation SSL certificate confirms both the domain registrant's identity and the identity of the associated company, as verified with the Chamber of Commerce. The certificate enables website visitors to view the relevant details.

  3. Extended validation

    An extended validation certificate incorporates full details of the company, as verified by detailed cross-referencing with the Chamber of Commerce. It also confirms the webshop proprietor as the certificate applicant. It's only with an extended validation SSL certificate that both the company name and the green padlock icon appear in a browser's address bar. And it's that combination that inspires real consumer confidence.

                                                Domain validation Organisation validation Extended validation
   Http-slotje  Http-slotje  http-slotje-met-bedrijfsnaam
Green adress bar X X
Secure connection
Higher in Google
Registrant verification
Organisation details in certificate X
Organisation details validated with Chamber of Commerce X
Applicant verification X X
Extra security mobile support
Type website

Non-public websites (e.g. intranet sites)

public websites

Webshops, Banks, Commercial websites

Current situation 

In the Netherlands, there are about 3.6 million unique .nl websites. Of those, a little more than half a million (15.5 per cent) have SSL certificates. We did a survey to find out what percentage of business websites and webshops were using SSL certificates, and we got the following results.

                               Total  Number of SSL
Business websites  757,000 225.000 (approx 30%)
Webshops   80,000   47.000 (approx 59%)

In principle, all webshops and business websites should be using SSL. In other words, there is plenty of room for improvement. The majority of .nl websites that are using SSL have domain SSL certificates.

SEO ranking

For the last two years, a (valid) SSL certificate has boosted a site's ranking in Google's search results. Google doesn't take account of the type of SSL certificate. However, to get the ranking boost, SSL needs to be used for the whole website. It's not good enough to secure just your checkout page, for example. Being higher in Google's results will increase traffic to your website and therefore your potential income. Certification is therefore a win-win strategy. What's more, starting in July 2018, Google's Chrome browser will label websites without SSL certificates as 'insecure'. At the moment, Chrome puts an 'i' icon in the address bar when you visit a site without a certificate. From July 2018, that will probably be replaced by the red 'Insecure' warning triangle.


Current situation

From July 2018


In other words, there's soon going to be even more reason to get an SSL certificate for your website or webshop.


If you're one of the many people who find it all too technical, don't worry. Your web hosting firm or registrar will be happy to advise.


  • Wednesday 2 January 2019

    .nl domain name

    Exchanging ideas and working together


    Lively discussions in the SIDN Debating Chamber

    Read more
  • Tuesday 26 November 2019

    SIDN Labs

    Statistic of the month: fake webshop detections


    Our self-teaching system keeps getting smarter

    Read more
  • Monday 1 October 2018

    SIDN Labs

    KSK Key Roll Last Call


    Root zone's DNSSEC KSK rollover is going ahead!

    Read more


Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.