FAQ

Even without an SSL/HTTPS certificate installed, we make sure all of your communications pass through HTTPS/SSL encryption even if there’s no green lock pad next to your URL.

Snipcart’s shopping cart is injected through JavaScript into your website. Even though the cart pops up on your domain and website, all of the information submitted during checkout is directly sent to Snipcart, which is already equipped with an SSL/HTTPS certificate. Then, we ensure the communication encryption between the client’s browser and Snipcart’s servers. The information entered during checkout is directly submitted to Snipcart without going through your servers (the “powered and secured by Snipcart” inscription displayed at the bottom of the cart informs the user of that).

Although you technically do not need any SSL/HTTPS certificate for Snipcart to work, we still strongly recommend you install one. Some browsers have now started flagging site pages with passwords & credit card forms on them as "not secure" when they're not using an HTTPS connexion. Visit Let's Encrypt to get a free SSL certificate.

Plus, during checkout, your customers will feel more secure if you have a certificate installed. We’ve also gone further than just using SSL/HTTPS encryption in terms of security; you can read more about it in the security section of our documentation. Also, it protects your website from certain man-in-the-middle attacks.