You can't offer a secure checkout without a SSL certificate. Basically, if you don't have a SSL, people will be able to steal your customer's credit card info very easily.
Last edited by Jasonda; January 25th, 2007 at 01:41 PM.
Just use Paypal for simplicity sake. Once you've proven mass sales, then step it up with a custom cart and buy the godaddy SSL cert (it's definitely the cheapest!)
But Jasonda is right. You have to have it for your sake and your customer's sake.
If you are using third party payment gateways like Paypal, 2checkout.com, google checkout, you have no need to buy SSL because all the payments are processed on these third party payment gateway company websites.
__________________ Steve - Digitizer & Artwork Color Separations
First Design Free - http://www.gnizitigid.com
If you don't want to go the paypal route, and do your very own Credit Card processing system then a SSL certificate is REQUIRED. Thawate is one of the larger companies who sell SSL certificates. The downside with Shared certificates is that the user will leave your website to check out, and that may cause some confusion, and in turn lead to loss of sales due to the fact that the individual does not understand why they are leaving your website.
However, hostgator will include a shared SSL on selected plans.
If your shopping cart is fully branded to match your site's look and feel, many shoppers may never notice that they're on a "shared" SSL connection.
I used a shared connection for a while before I bought my SSL certificate.
Whenever I want to process credit card transactions on a site, I always buy an SSL cert. That makes sure you can have HTTPS:// and the secure lock when people are giving you their private info.
If you are just using PayPal, 2checkout, ccnow, etc, then you won't need an SSL cert.
If you just want to protect your site against hackers messing with it, should an ssl be applied or is it the servers job to keep hackers from inside your site.
I'm asking because my roommate told me that her friend knew of 6 ways to attack my site. While, I don't except cc info, there is a quote asp form that does have minimal client info.
If you just want to protect your site against hackers messing with it, should an ssl be applied or is it the servers job to keep hackers from inside your site.
If you are on a shared hosting server (you are paying a company to host your site), then they usually handle the server security. Having an SSL certificate won't stop your site from getting hacked into if it has a vulnerability.
Quote:
I'm asking because my roommate told me that her friend knew of 6 ways to attack my site. While, I don't except cc info, there is a quote asp form that does have minimal client info.
That sounds like some sketchy information from a removed source It's possible, but attack is not the same thing as "hack" into.
Get specifics. It might help you make your site more secure (or figure out that your friend's friend might be pulling your chain)
SSL certificate - how important 
