There are lots of Web sites out there that allow personal information to be sent without anyone listening in. These Web sites include banking Web sites, Web sites where you can make purchases electronically, and Web-based e-mail such as MSN Hotmail. These Web sites are called "secure" because they follow specific secure communication methods (called "protocols"). Internet Explorer has the ability to read and understand these protocols, therefore letting you bank online or make purchases online.

To verify a Web site's authenticity, these secure Web sites forward a security certificate to your computer. You can think of a security certificate as a passport that contains information about the Web site. The certificate will also contain some form of unique security device that is very hard to duplicate, just like a hologram embedded into your passport photo. When Internet Explorer detects that you have entered a secure Web site, a small lock icon will appear in the status bar. This indicates that Internet Explorer has verified the security certificate of the Web site you are visiting and you may proceed to use your personal information if you wish.

Some Web sites really have no need for a security certificate, like the Web site we used to get a chicken soup recipe. But consider the following scenario. Imagine that the recipe Web site has a cookbook for sale that you can buy using your credit card. You click on the hyperlink to purchase the book when suddenly Internet Explorer could not find or could not verify a security certificate on this Web site. It might not be safe to proceed with the transaction at this time because the recipe Web site in fact might not have anything to do with cooking at all. If you ordered the cookbook, all you might get in the mail is a huge credit card bill!