It is technically a foundation, a non profit organization website, which will allow people to make donations for the cause. Is purchasing an SSL certificate for this site a good idea? If i have to purchase then which one is better for such a site?
Yes you will need a SSL certificate for your website since people will be either utilizing their credit card or PayPal account to make the donation. Google SSL Certificate Reseller there are many who sell SSL certificate. You don't necessarily need EV SSL Certificate just the regular one depending upon how much you want to insure buyers for their purchases in the event their financial information were stolen from your site.
since you are panning to accept online payment it would be better if you have secure transaction using Dedicated SSL which won't charge you huge amount, SSL certificates are available from 20$ but it will give a good impression and secure environment for all great soul who want to help society. VeriSign, GeoTrust ,rapidssl etc are few wellknow vendors.
If the OP is accepting donations via PayPal, there is no need for an SSL certificate as the donors will be redirected to PayPal's secure website to make the donation. No transaction or sensitive data will be transmitted on the OP's website.
If you have a shared server you can rent ssl certficate. If it's a dedicated server and want to accept online payment it's better to have an ssl certficat that is validated with for example verisign. Or as said rofro , you can use paypal, and just add a button that redirect user to your paypal account
You should have a certificate for a site. If you are using paypal, still you should get a standard certificate, otherwise go for a high security cert. Even paypal insists that you should get a certificate. They dont cost much. There are many resellers. I got it from rapidsslonline.com
You should defiantly have SSL you will also need a privacy policy and internal policies about how any information you collect is used and stored not just payment details but people's personal details make sure you follow all relevant laws regarding this.
I'm not trying to advertise, but NameCheap offers free "Comodo SSL" for all new domain registrations. I think this is the same thing right?
You don't necessarily need an SSL certificate but it would be nice to have one. If you're accepting payments via PayPal i.e. the donator leaves your site onto the PayPal site, it's not really needed. PayPal is already safe as is and is encrypted already. Either way, it's a good option to get one. I believe you can get one from around $50 per year as the cheapest and of course the prices increase depending on the companies and options you use.
Yes, i agree. If you are accepting payment/donation via Paypal, you do not need to have a SSL certificate
You should get an SSL cert if you are collecting any personal information about your visitors. If you require the visitor to leave the system to a page on the Paypal website (or an https site) then you will not need one, but if you have Paypal pro and collect the information via your site you will definitely need one. Most domain registrar companies also sell SSL. You will have to install the cert once you purchase it, so it may be easier to purchase from the domain registrar you purchased your domain from.
SSL certificate is needed ALWAYS in my opinion if the content of the data being transmitted online is not something you want others to see. Simple as that. This includes emails, texting, ftp, ordering online, filling out forms, live chat, banking online .... It is so easy to have a software listen in on your data transmission (specially in coffee shops with a laptop) and record everything and see what you are sending over the internet if you do not use an SSL. Be warned.
If you are a non-profit, it could be understandable that you just re-direct users over to the electronic payment gateway's secure website or a third party processor. Doing this though - you would want to explain what would be happening. Having the SSL though on your website would help to maintain a consistent process. You would need to contact your hosting company to see if they charge extra for an IP address (this is needed for the SSL). As another poster stated, some hosting companies will offer a "free" https:// url. Usually though this is something like https://ssl.example.com/yoursite, since the SSL is issued to the domain name (ssl.example.com). You will need to make sure though that everything is uploaded properly - like your images, external CSS, etc. If not, the users will get an error message since some of the content is not coming from a secure website. Either way you choose, make sure you test it in a couple of browsers to see if any issues arise. As far as SSL certs, check out WhichSSL - this might help you some.
Regardless of your business type, if you're accepting payments online you need SSL. If you check your documentation through your cc processor they'll mention it's required as well. Not to mention visitors making donations will be more confident in doing so (if they see the padlock ensuring encrypted connection).
Yes that a must. Even most of web hosting provider now are having bundle package with SSL. It become a basic need especially money involve website. Everyone that donate will look for SSL , is that secure to share their personal information and credit card numbers for the donation. You definitely need it.
The only way I could see you wouldn't need a SSL cert is if i you're using a 3rd party payment processor (where a visitor to your site is taken to a 'separate' web site where they actually enter their payment details). But if your site is the place where the payment details are being handled (by server scripting) then yes SSL needed.
I would invest in a SSL cert if you take any details on your site even if payment is handled by a third party processor such as Paypal. It gives out a professional image and can be reassuring. They start from under $20 so theres no need to buy a €200++ one for what you need it for.
It depends. Are you’re visitors/donors submitting any information at your website (credit card details, e-mail address, address or similar) – when I would say yes. If not – no – but it might help improve your sites/organizations credibility. VeriSign sells their VeriSign Trust Seal at $299 (I know it is expensive) – which is not a SSL certificate but includes a daily malware scan of your website.