Certificates are often used on websites and have two purposes:

1. To provide a secure way to reassure the visitor that the website actually belongs to the company or organisation that they think it does, and is not a pirate website impersonating a reputable website.
2. To ensure that information travelling between the browser and the website cannot be intercepted. This is particularly important when the user is typing in bank details, passwords, etc.

Certificates are blocks of cleverly encrypted data that are signed by some form of authority.

The use of strong encryption means that certificates can only be made by a sanctioned authority and will break if tampered with in any way. The certificate authorities undertake domain checks before issuing a certificate to a company or organisation. Each certificate is created specifically for that company or organisation and contains the company's name.

This means that when the web browser gets the certificate from the website and confirms that it has not been tampered with, the browser can reassure the user that the website is that of the company or organisation named in the certificate. It can also make all data traffic between the browser and server secure.

Browsers usually indicate the presence of a valid certificate by displaying a padlock. The name of the company who owns the certificate can typically be seen by double clicking on the padlock then clicking on 'View Certificate’.