Search Encrypt Uses SSL To Protect User Data
Search Encrypt is a privacy based search engine, so logically we use the most advanced data security features available. We even go beyond the level of security that SSL provides. Our search engine includes “Perfect Forward Secrecy”, which means we’ve achieved the highest level of security.
What is SSL?
SSL stands for Secure Socket Layer. It is a cryptographic protocol that helps encrypt communications over a computer network. It creates a secure transfer of sensitive information, like financial information, passwords, and Social Security numbers (websites that collect credit card information are required to have an SSL certificate on their site).
How Does SSL Work?
SSL uses a public and private key, which work in tandem to create a secure, encrypted connection. When a website has an SSL certificate it lets the users’ browsers know a secure connection is available. The website host then responds with the SSL certificate and a secure connection is established. Without an SSL certificate, information is mostly transmitted as plain text, which allows anyone with access to view all the information being transmitted. SSL, though, is encrypted, so it eliminates the risk of compromising information.
Types of SSL Certificates
Number of Domains
Single Domain: This type of SSL Certificate only applies to a single domain URL
Multi Domain (or Universal Communication Certificate): This secures multiple domain names and host names within a single domain. These are best for businesses with multiple sub domains and URLs for different service, product lines or geographic locations.
Wildcard: A wildcard SSL certificate sercures your website URL and an unlimited number of subdomains. (e.g. searchencrypt.com, blog.searchencrypt.com, store.searchencrypt.com)
Domain-Validated SSL: This is the basic type of certificate issued. Automated validation checks that the domain name is registered and that an administrator approves the request. To complete this process the webmaster must confirm the validation via email or configure a DNS record for the site.
Organization Validated Certificate: This is the standard type of certificate required for a e-commerce or public facing website. Organization validation is checked by real agenst against business registry databases. These certificates reveal the domain name, company name, organizational unit (probably your IT dept.), and where the site is registered.
Extended Validation (EV) Certificate: An EV certificate is the most secure and trusted of these certificates. The biggest e-commerce companies use these, and for good reason. Many businesses use these as another step to make customers feel more confident buying from them. (EV SSL has been linked to improved conversion rates.)
Can SSL Be Decrypted or Hacked?
While no system is perfect and truly “un-hackable” Search Encrypt uses more than just SSL to protect your information. Qualys SSL Labs gives each of searchencrypt.com’s servers an A-grade, so Search Encrypt provides the most secure SSL ranking. The short answer though, is yes, SSL can be hacked. However, instances of SSL being hacked wouldn’t effect user information on Search Encrypt.
Because we use perfect forward secrecy (PFS), hackers cannot get access to your search terms or browsing behavior. PFS, in secure communication protocols, means that the compromise of long-term keys does not compromise past session keys. This works because after 15 minutes of inactivity, all your browsing history expires and cannot be viewed on your PC or remotely.