Given that the protocol encrypts all client-server communications by way of SSL/TLS authentication, attackers can't intercept info, meaning end users can properly enter their private data. Generally, the certificate consists of the name and e-mail handle with the approved user and is automatically checked via the server on Just about http://XXX
