Security has always been a concern for internet users, especially the ones involved in some form of online transactions. There have been many processes made to secure these transactions from hackers. Most of the processes involve encryption. Encryption consists of mathematical algorithms that encode data into a scripted message that only the receiver can understand. A variety of protocols use encryption. One such protocol is Secure sockets layer protocol.(ssl). .
Secure Sockets Layer (SSL) was developed in 1995 and since then has been widely used to secure transferring information over the internet. It was developed by netscape and was later adopted by internet explorer. SSL is a protocol standard which has been accepted by many businesses and online banks. The SSL protocol is divided into two smaller protocols, named SSL handshake protocol and the SSL record protocol. The SSL handshake protocol is what establishes a "secure session" between the user and the companies server. This is achieved by communicating messages between the two machines to determine which "cryptographic algorithm" or "cipher" to use to encrypt the data. The handshake protocol uses a mixed breed of public key and symmetric key encryption. This is to utilise the better authentication techniques of public key encryption and the speed of symmetric key encryption. The SSL record protocol describes what encryption and the strength of that encryption to which the two servers connect. SSL is designed to hold many different types of encryption algorithms, including IDEA and DES. The encryption strength determines the difficulty of cracking the encryption. The default for encryption strength is 40-bit, but can be put up to 128-bit or even 168-bit. Once connected any data sent between machines is encrypted prior to sending and only the merchant's software can unscramble it. Data includes credit card numbers and its PIN number, so therefore SSL avoids the important data from being viewed by hackers.