We are often asked whether or not merchants need SSL, given the the fact that Recurly is already PCI compliant. The short answer is Yes. Any website handling credit card information should always use SSL in conjunction with Recurly’s PCI compliant checkout forms to best ensure customer data is encrypted and secure.

SSL (Secure Sockets Layer encryption) is a method for encrypting data as it travels across the internet and ensures that the data remains safe. Using SSL improves credibility of a merchant’s website - savvy online customers look for “https” instead of “http” in their browser URL when visiting websites. When they see that merchants using “https” have taken the extra security measures to protect sensitive data, they’re more likely to return and shop on your website. Not only does it provide an extra layer of security, it gives your business credibility. Keeping your customer’s information secure from online threats should be every business’ top priority.

In summary, consumers expect to see SSL protection on any checkout form that is requesting a credit card number. This has become a web standard, and we encourage our merchants to always conform with this standard.

To learn more about Recurly’s PCI Certification, please visit: http://recurly.com/security/.