SSL stands for Secure Socket Layer. It converts information into a (encrypted) special code that is sent over the internet to prevent unauthorized access. To collect credit card payments on your website you need an SSL certificate installed on your web server. This SSL certificate allows the server to send data over a secure connection. The browser will also show your customers that their data is secure. The goal is to protect credit card data entered on your website.
Purchasing an SSL certificate from your web host or a company like DigiCert or NameCheap is not enough. Having the SSL certificate installed for your web-server is not enough. To protect credit card information and other sensitive data the page must be the secure version of the page. Looking at the picture below you will notice that the secure address starts with https.
If the address shows http in Internet Explorer or any other web browser the page is not secure. A green lock or bar will show in some browsers, such as Chrome or Firefox, if the website is secure.
Why This Is Important
You put your organization and customers at risk by accepting credit card payments on a non-secure website page. Sensitive information can be compromised when an SSL certificate is not used to protect the data. You will be held liable if information entered on your website is compromised.
What To Do
Force any pages that are used to collect credit card payments to be loaded through a secure connection (https). My favorite plugin for forcing https on specific pages is called WordPress HTTPS.
The plugin will allow you to Force SSL in the admin area, force SSL on all pages of the site, or allow you to set SSL use on a per page basis.
If you need a more technical detailed explanation you can visit the following sites: