TLS certificates: what they are and how they affect computer security

Acronym for Transport Layer Security, they guarantee the identity of an Internet site, thus protecting it from possible phishing attacks

Theft of social network, email and home banking credentials; ransomware infections; spied smartphones and stolen data. These are just a few of the cyber threats that, on an almost daily basis, jeopardize our privacy and personal data as we surf online.

And while they may appear to be disconnected from each other, these threats share the same origin: in the vast majority of cases, the attacks stem from a perfectly orchestrated social engineering campaign. Whether it's a phishing or spam campaign, it doesn't matter: hackers exploit information we've sown here and there in our online browsing to trick us into falling into their trap. So, without our knowledge, we end up installing a Trojan horse, or a rootkit or, even worse, ransomware.

What are TLS certificates

For the past few years, more and more websites have been implementing TLS certificates (acronym for Transport Layer Security and heir to SSL certificates, now considered insecure), security tools that guarantee the "identity" of an Internet site and ensure that the connection used is encrypted and protected. Mainly used by home banking and e-mail portals, social networks and, more generally, by all those sites that require authentication, TLS certificates are able to protect against phishing attacks.

The integration of TLS certificates in the communication protocols used on the web, in fact, has made it possible for browsers to show users whether a site is reliable or not based on the Transport Layer Security "certification". And, once you've ascertained that you're actually about to visit the desired portal, the browser shows a padlock to the left of the URL (or the words "Secure" if you're using Chrome) followed, in some cases, by the name of the portal operator.

How TLS certificates work

The TLS protocol used to secure the connections between web server and end user is composed of two parts: the first one is dedicated to the authentication of the site you want to visit; the second one is dedicated to the encryption of the connection and of the data that are exchanged between the two nodes of the network. And it is in the first phase that TLS certificates come into play.

Released and authenticated by third parties (the so-called certifiers), TLS certificates are requested by the browser when the user asks to access the domain resources (an image, a text or the login page, for example). Once received, the browser makes sure that the signature present in the certificate is authentic and actually corresponds to the one present in the certifier's database, so it can assume that the site you are about to visit is reliable. In short, a real identity check takes place, with the TLS/SSL certificate playing the role of an identification document.

The protection offered by TLS certificates

The way they are designed and implemented, TLS certificates are the ideal defensive weapon against phishing attacks. Showing the user that they are actually accessing their bank's website or logging into their email portal (and not an identical site with a similar but significantly different URL) enables them to recognize cyber fraud and escape before a hacker can get hold of their precious credentials.