Message Privacy - SSL provides message privacy by encrypting all information exchanged between the web server and the consumer's browser, such as credit card numbers and other personal data, using a unique session key. To securely transmit the session key to the consumer, the server encrypts it with the client's public key. Each session key is used only once, during a single session with a single consumer. These layers of privacy protection ensure that information cannot be viewed if it is intercepted by unauthorized parties.

Message Integrity - SSL also provides message integrity. When information is sent, the sending and receiving computers each generate a code based on the message content. If even a single character in the message content is altered en route, the receiving computer will generate a different code, and then alert the recipient that the message is not legitimate. With message integrity, both parties involved in the transaction know that what they're seeing is exactly what the other party sent.

The diagram below illustrates the process that guarantees protected communications between a web server and a client. All exchanges of Server IDs occur within seconds, and require no action by the consumer.