A customer visits your site by typing in a secured URL, commonly HTTPS instead of the standard HTTP. The user will be advised of this by a message in their browser, as well most browsers will indicate this connection by a lock icon on the browser itself. Once contacted, the user is automatically sent your site's digital certificate, which validates your site.

Once the user is sent the certificate, their browser creates a unique encryption key to encrypt all data transfered, in addition their browser encrypts the session key with your site's public key so only your site can read the session key.

These methods ensure that all data transfered between the client and the server is secure and can only be read by the client and the server, your site can be designed to use this connection by default allowing this to work seamlessly for your customers.