If you’re just a casual web user, you probably don’t pay much attention to website URLs. You may also don’t know the difference between HTTP and HTTPS. What does that last “S” stand for? Why should you care if a website has this?
Here are some facts about cybersecurity and SSL that you need to know.
- 6.3% of the top 100K websites are SSL-compliant.
- 85% of all websites are encrypted.
- Only 40.6% of websites are adequately secured.
- 84.9% of all pages loaded in Firefox use HTTPS encryption.
- Let’s Encrypt has issued almost 1.8 million certificates in February 2021.
- Websites with SSL certificates saw an 11-42% increase in conversion rates.
- The prices of SSL certificates range from $8 to $218 annually.
- 97% of Chrome browsing time for US users is encrypted.
SSL (or Secure Sockets Layer) is a security protocol that establishes encrypted and authenticated links between networked users and the site they’re visiting. While most people still refer to this protocol as SSL, it has been long replaced by TLS (in 1999). The latest available update of the protocol is TLS 1.3.
With the ever-increasing cyber population and the millions of online transactions, there is also an increase in cybercrime involving fraud and identity theft. Cybercriminals typically hack users for information to steal their identities.
SSL certificates can help protect website users from these attacks—this can, in turn, improve your customer retention statistics.
1. In 2020, there were 1.4 million cases of identity theft in the US.
According to research involving encryption statistics, there were nearly 1.4 million identity theft cases in the US in 2020.
This indicates identity thefts have more than doubled year-on-year, with the figures showing 650,523 in 2019.
Hackers got access to this information through unprotected websites and phishing.
2. One-third of all unauthorized data acquisition involved phishing.
Phishing is a popular way for hackers to gain sensitive information. The perpetrators acquire this data by pretending to be a legitimate website or institution. Registered SSL providers confirm the legitimacy of websites while also protecting user data through encryption.
3. With 100,621,770 reported cases, the banking industry had the highest number of exposed records.
SSL security facts show that the banking sector has the most issues with data breaches.
Breaches typically happen when fraudsters hack the personal information of bank clients to access credit card credentials.
Aside from credit card fraud, hackers also take advantage of unauthorized access to online banking accounts.
4. 38% of users who lack cybersecurity awareness fail phishing tests.
Those who are not familiar with cybersecurity are more susceptible to online fraud. Such victims are unable to determine whether a particular website or pop-up page is malicious. Hence, they unknowingly give personal information to scammers.
SSL statistics imply that websites with protection encrypt this type of data, making it much safer for users without much understanding of cybersecurity.
5. An estimated $24 billion was lost due to credit card frauds in 2018.
Based on data gathered from SSL encryption stats, more than $24 billion was lost to credit card frauds in 2018.
Data also shows that almost 40% of the reports came from the United States. Credit card fraud has been ranked as the number one in identity theft cases, amounting to 35% of fraud reports.
6. Businesses comprised 46% of the total number of breached data.
Almost half of all data breaches have come from businesses. These include companies across different industries, such as banking, retail, and online stores.
As SSL stats show, non-protected websites expose data out in the open and hackers gain access to customers’ personal information that they use for identity fraud.
7. 6.3% of the top 100K websites are SSL-compliant.
Internet privacy statistics indicate that, while it’s extremely important for all sites to provide absolute security to their visitors and consumers, some of the services—especially the ones involving private and financial information—have prioritized securing their clients’ data.
On the other hand, almost all of the websites bear some sort of security threat—even WordPress stores send the login details across the internet.
8. Internet security statistics reveal that the COVID-19 pandemic initiated a rise in internet fraud.
Fraudsters have taken advantage of the COVID-19 pandemic for malicious activities. As the pandemic forces people to stay indoors, they spend more time online.
By the end of July 2020, there have already been 142,992 reported cases of COVID-19-related internet frauds.
9. Three new phishing sites are launched every minute.
A study on SSL traffic statistics reveals that a new phishing site is launched every 20 seconds.
These sites copy actual existing and legitimate websites such as shopping platforms, online banking, credit card companies, and telecommunications providers.
They also pose as random pages stating the user has won fake prizes in exchange for their details.
10. 57% of organizations have experienced phishing incidents through mobile devices.
Hackers use phishing on mobile devices through different apps, including messengers, gaming, and various social media applications.
Encryption statistics also show that individuals are more susceptible to phishing attacks on mobile devices than desktop computers.
11. Mobile phishing attacks are up 85% per year since 2011.
Phishing on mobile is getting more common. Users who have encountered these activities reported clicking on links that bypass multiple security layers.
Emails are usually the first contact for malicious content, which people often open on mobile devices.
The prevalence of criminal activities online has made the use of SSL a standard practice. Through SSL, users can determine the websites’ legitimacy early on and exit if any problems arise.
The SSL data encryption also protects sensitive information, ensuring that all transactions are safe.
12. Percentage of HTTPS websites at the moment is 85.
Malware campaigns that use some type of encryption were predicted to reach 70% by the end of 2020.
While the global internet traffic has been growing at the rate of 27% CAGR, encrypted internet traffic has shown similarly accelerated growth, from 55% in 2017 to 85% in 2020.
13. 59.4% of surveyed websites are inadequately secured.
This is what data for February 2021 showed—the percentage of websites that passed the encryption test with one of the A grades (A+, A, A-) is 40.6%.
Only 11.8% were graded A+, signifying the maximum security provided for their visitors.
14. 84.9% of all pages loaded in Firefox use HTTPS encryption.
When it comes to the US users alone, the percentage is even more impressive—92.2% of pages were encrypted for users’ security.
Comparatively, SSL stats show users in Japan, for example, are much closer to the global average, with 86.3% browsing the pages safely.
15. SSL Labs reports that only 36.5% of websites on the internet are secure.
Out of 138,155 websites surveyed, only 50,367 were rated as secure—10.3% were graded as A+. Grade F, indicating severe security issues, was given to 3.6% of the website in a monthly scan for October 2020.
It’s important to note that the websites were taken from Alexa’s list of the world’s most popular sites.
16. Let’s Encrypt has a market share of 0.3% among the websites using SSL certificates.
When it comes to an overall number of websites, the share is 0.2%. The usage has increased—more than doubled—over the last year, as the company’s market share in March last year was just under 0.1%.
17. In February 2021 alone, Let’s Encrypt has issued almost 1.8 million certificates.
SSL statistics show the peak was reached in March 2020, when over two million certificates have been issued in a single month.
The timing doesn’t come as a surprise, considering that a lot of people’s lives have been reduced to online existence and operating—boosting concerns and immediacy for secure navigation on the internet.
18. Having multiple security products increases security risks, according to SSL stats.
“Less is more” is certainly true when it comes to security providers. Data shows that 50% of security risks organizations face are due to having multiple security providers.
Sticking with one provider with a tailor-fitted security approach is much safer than having several providers.
19. SSL facts show ecommerce websites with SSL certificates saw an 11-42% increase in conversion rates.
Users are more likely to click the buy icon and give information knowing that the site is secure and can be trusted.
The increase in profitability is a huge benefit for ecommerce sites compared to the small fees associated with getting an SSL certificate, thus becoming the standard for all ecommerce businesses.
20. Good SSL certificates range from $8 to $218 annually.
The best SSL certificate is one that fully protects your website users. But there are different types of certificates with various extra features. While there are free SSL options, such as CACert, they only offer a very basic protection level.
Next is Namecheap from Comodo Positive at $8.88 annually, with features that are a notch higher than the free versions.
SSL overview shows that Geotrust True BusinessID stands at the top at $218 annually. With that hefty price tag comes all the features business owners need, as well as the positive association with a well-trusted security brand.
21. SSL certificate statistics reveal that many scammers can still conduct fraudulent activities through registered HTTPS sites.
As free SSL certificates only give you basic protection, perpetrators use the loopholes on free certificates for malicious intentions. A shocking 86% of these attacks use malware or other forms of trojan viruses.
Another common means for fraudsters to conduct malicious activities is through spear phishing.
22. The recommended HTTPS encryption strength is 128/256-bit bulk.
The encryption strength is measured in bits used to encrypt data during one SSL session. The higher the number of bits is, the longer it takes to decipher the data encrypted by it.
23. California alone had 101,639 reported cases of identity theft in 2019.
Internet security statistics indicate that California has the most reported identity thefts in the US, followed by Texas, Florida, Georgia, and New York.
The number of cases coincides with the population’s size per state as the higher population also tends to have higher reports.
24. In 2020, Brave turned out to be the most secure web browser.
SSL stats rank Brave as the most secure web browser. Brave’s primary focus is on privacy, as it does a superb job of blocking cookies and pop-up ads. Tor Browser placed second for the most secure web browser: it’s also highly secure but at the expense of speed.
Trailing behind them are the more famous names: Mozilla Firefox, Google Chrome, and Safari.
25. A majority of organizations don’t believe antivirus software is enough.
With cyber fraud continuously rising, SSL statistics show 69% of surveyed organizations believe that anti-virus software is not enough to protect them from data breaches.
While many antivirus providers offer a fair amount of protection, SSL will always be an essential defense line against attacks.
26. Take a look at the top 10 SSL certificates and their market shares.
The best and most used SSL providers are Sectigo (37.89%), Digicert (16.92%), GoDaddy (13.81%), USER TRUST (13.51%), and Starfield Technologies (9.78%). Global Signs places sixth with an SSL market share of 4.40%.
GeoTrust follows them, alongside SecureTrust, Alpha SSL, and Network Solutions SSL Certificate.
27. 65% of CIOs are concerned about cyberattacks due to expired or compromised SSL certificates.
According to a survey regarding SSL security facts among CIOs, two-thirds worried about cyberattacks due to expired or compromised SSL certificates.
More than half (56%) of respondents expressed concerns about a business disruption caused by outages of invalid certificates.
Around 74% of these CIOs indicated that they experienced a certificate-related outage in 2018 and 2019.
28. Apple is the most copied organization for phishing attacks.
According to Google HTTPS statistics, Apple is not only popular among gadget-savvy folks, but it’s also a favorite among fraudsters. Hackers often copy the Apple website to attract unsuspecting users.
Scammers use fake promotions and other lures to obtain user information while pretending to be Apple.
29. Google Chrome started warning users of non-secure websites in early 2017.
For Google Chrome, SSL is an essential security indicator. The search engine started giving warning messages when users are asked for information on websites with no valid SSL certificates.
Firefox, who provided the Mozilla free SSL, has also been on the same page when it comes to notifying users about possible scam-like websites.
30. Percentage of encrypted Chrome browsing time in the US is 97.
The traffic is counted only for the active tab in Chrome—if a user has more tabs open, metrics aren’t drawn from the inactive tabs. It’s important to highlight that this is data collected from Windows OS only.
When it comes to Android devices, the percentage is even higher—98%.
31. SSL Labs statistics report shows only 4.2% of surveyed sites support SSL v3.0.
Conversely, an astonishing 99% of websites support TLS v1.2. This version of the security layer is the most supported across the web, with its newer version—TLS v1.3—supported on 39.6% of websites.
While the SSL versus TLS preference clearly exists with some users, it seems that a lot of websites opt for supporting both options and their different versions.
Although last updated eight years ago, the final version of TLS 1.3 has been available online only since August 2018. After going through a total of 28 drafts, it was finally announced that it’s ready to use. TLS 1.3 version usage statistics showed a projected growth of an impressive 30% by the end of 2019.
32. China is the largest source of phishing email spam accounting for 21.26%.
Most phishing and spam emails come from China. The US follows with 14.39%, and Russia comes third with 5.21%. Venezuela had the most phishing victims, according to a 2019 survey.
Various research on SSL certificate facts points out the importance of SSL in online security. Users have to be vigilant when visiting websites and must always make sure to first check for authenticity by looking for SSL indicators. For web owners, SSL use is a must, not only for increasing conversion rates but also as part of the movement to make cyberspace safer for everyone.
While HTTPS confirms the usage of an SSL certificate, there are still several instances that this can be breached. Despite not being a guarantee of security, SSL is still a protective layer that helps reduce the chances of fraud.
Depending on the types of SSL certificates, fraudsters will find it a lot harder to continue any malicious activities. On the other hand, users will be aware of whether to proceed or leave through the security indicators.
Google stats on SSL show that websites with this type of encryption rank higher in the search engine results than those without SSL. In a move to promote safe browsing, Google automatically prioritizes SSL-protected sites and pushes them higher on search results.
Other search engines are following Google in this, making SSL a standard for a trusted website.
Currently, 85% of all websites are using SSL according to HTTPS usage statistics. With search engines rallying to promote a safer online environment, the number has grown in recent years and continues to rise.
Users’ awareness about online security is also spreading, making legitimate site owners more willing to employ SSL to gain trust with their visitors.
There are many different types of SSL certificates, ranging from free to $218. The price typically depends on the SSL providers and type of service, as the cost increases with the number of features. Free SSL certificates are considered starter packs and come with the most basic protection. The higher the price tier, the more protective features there are.
SSL stats reveal that there are about 85 billion SSL certificates on the internet as of 2020. Search engines’ initiatives to favor SSL protected sites in searches pushes web owners to employ such protective measures. The numbers continue to rise as many web owners are catching up now HTTPS has become a standard for most business websites.