A certified website or app holds a digital certificate from a recognized certificate authority. This digital certificate is a data file embedded in the site that signals the site’s safety to visitors, internet service providers (ISPs), and servers.
Digital certificates are also called SSL certificates because of the Secure Sockets Layer (SSL) encryption protocol — the first technology digital certificates used. Though the technology has changed (we now use the TLS protocol instead of SSL), the terminology hasn’t: We still call them SSL (or SSL/TLS) certificates.
You can confirm a website is certified by checking the URL. Certified site URLs begin with “https://” rather than “http://.” If you see the “s,” know that any personal data you enter into the site (e.g., your credit card number) will be encrypted, so nobody can steal the information while it’s in transmission.
Note that website security certificates need periodic updates. If a site you’re trying to visit has an expired certificate, your web browser should notify you before connecting to the site and ask whether you want to proceed.