Any website that stores "sensitive" information like Credit Card numbers, personal information about other people (like names and addresses, Identity Numbers, Passwords etc) or sensitive company information, should only acquire the data from the individual via a secure connection. Not only is a secure connection important to protect you (the website owner) from fraud, but it is essential to protect your customers and staff from fraud as well.
Why is it important?
Firstly, when you enter data (including passwords, credit card numbers) over a non-secure internet connection, the data is transmitted from your PC to the destination server in plain text.
The fact that your browser shows a bunch of '******' for the password is simply what it shows you. Your password is still being transmitted as plain text!
So what does it matter?
Any data transmitted over the internet as plain text can be intercepted. It's as simple as that. A person with malicious intentions simply has to listen on the right ports or look in the right places to read exactly what you entered.
If that data happened to be your password or your credit card number ... well, you can guess what happens after that.
So what does it matter?
Any data transmitted over the internet as plain text can be intercepted. It's as simple as that. A person with malicious intentions simply has to listen on the right ports or look in the right places to read exactly what you entered.
If that data happened to be your password or your credit card number ... well, you can guess what happens after that.
SSL is protocol developed by Netscape for transmitting private documents via the Internet. SSL works by using a private key to encrypt data that's transferred over the SSL connection. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:. 
