SSL Certificate

An SSL certificate (technically TLS certificate) authenticates a website operator's identity through a Certificate Authority (CA) and encrypts browser-server communication. Valid certificates show a lock icon and enable https:// URLs.

QR codes linking to HTTP sites without SSL certificates create two problems: unencrypted communication risks data interception, and browser warnings cause user abandonment. HTTPS is mandatory for QR code link destinations.

Three validation levels exist: DV (domain ownership only, free via Let's Encrypt), OV (organization verification), and EV (strictest validation with company name display). QR code payment and financial service destinations should use OV or higher.

SSL certificates alone don't guarantee safety - attackers obtain DV certificates for HTTPS phishing sites. Verifying the domain name after scanning remains essential.