Digital certificates and encrypted websites in Safari on iPhone
A certificate, also known as a “digital certificate” or a “public key certificate,” is a file that helps keep web communications secure.
Certificates are issued by trusted organizations, such as VeriSign, Inc. or RSA Security, Inc. When you visit an encrypted website—for example, to do online banking—Safari checks if the site’s certificate is legitimate. If it’s not, Safari warns you.
An encrypted website and Safari work together to encrypt information you exchange with the site. The key used for the encryption is contained in the site’s security certificate. This protects your sign-in information, credit card numbers, addresses, and other secure data.
If you need to connect to a website that requires a personal certificate, you’re provided with a certificate and instructions for installing it. After it’s installed, you gain authenticated access to the website automatically. If you’re unable to access it, contact the website administrator.
Important: If a website doesn’t use the HTTPS protocol, have a digital identity certificate, or encrypt information, the words “Not Secure” appear in the search field. Don’t enter personal or financial information on a website that isn’t encrypted. The website you’re visiting might not be the website you want, and information you enter is vulnerable to theft. Instead, go back to the webpage where you signed in and check for a link to another version of the site that’s encrypted—for example, “Use our secure site.” If available, use it, even if you don’t expect to view or provide private information.
Encryption ensures that your connection to a website is secure, but encryption doesn’t guarantee the website is trustworthy. Always verify the address in the Safari toolbar to confirm it’s correct. Some fraudulent websites masquerade as trusted websites by changing one or two letters of the website address.