The latest version of Google Chrome is set to mark more websites lacking an SSL Certificate as insecure. Here’s everything you need to know to prepare your website for the browser’s upcoming changes to security rules.
For quite some time, Google has been extending its efforts to encourage the web’s transition to HTTPS in place of the outdated and less secure HTTP connections — and that’s better for everyone. On the flip side of things, that’s going to leave websites without an SSL Certificate practically inaccessible to most users when the latest version of Chrome rolls out later this year.
If your website does not have an SSL installed, Google will mark your website as ‘insecure’ to its users.
HTTP and HTTPS explained — Why Google is pushing for one over the other
Go ahead and open up Amazon’s website in a new tab in your browser (or take a look at ours)…
See that little ‘https’ sitting in front of the web address in the address bar? Well, all websites are typically prefixed with either ‘http’ or ‘https’. To put it simply, both serve as variants of the same communication protocol over which data is transferred between your browser and the website you are viewing.
The version you are currently looking at (HTTPS) stands for Hyper Text Transfer Protocol Secure. It uses an additional protocol not present in the outdated HTTP counterpart called SSL (Secure Sockets Layer). And that’s the version Google is encouraging because all communications between browser and website are encrypted — effectively making HTTPS more secure than HTTP.
All of this comes as part of Google’s aim to create a better, safer web experience for all its users, which is why Chrome (with more than one billion users on mobile platforms alone) is one of the first browsers to front this initiative.
As of right now, it’s only HTTP websites with password or credit card fields that are being marked as ‘Not Secure’ in the browser’s address bar. But this is all set to change when Google Chrome Version 62 is deployed. From October onwards, this warning will be extended to any HTTP site where user data is entered. This basically covers a multitude of data entry fields commonly used by all websites.
Data security is a massively important issue nowadays, and Google is certainly doing the right thing by bringing these websites to the attention of its users in the interest of protecting sensitive information.
Read more about viewing your website through the eyes of your customers here
But how does any of this impact you and your website? And if you’re unfamiliar with many of these terms, what does it all really mean?
The benefits of migrating from HTTP to HTTPS and why you need to switch
With these new security changes in mind, websites currently using the outdated HTTP connection are encouraged to migrate over to the more secure HTTPS connection. It’s a fairly quick and simple process that is best facilitated by your web developer or web hosting provider.
In addition to offering users visiting your website that added security, it’s incredibly beneficial for you and your website as a whole:
Compliance with data protection laws
Perhaps the most notable benefit of switching over to HTTPS is data theft and data loss prevention. It’s also one of the most important as laws regarding data protection are increasingly shifting responsibility to businesses and organisations in possession of customer information online. This includes everything from email addresses to sensitive financial information.
SSL Accreditation and brand protection
As the modern-day standard by which the reputation of your brand is measured, it’s important that your website is credible and trustworthy. A website with an SSL installed operating on a HTTPS connection adds a layer of integrity that not only improves visitor retention, preventing them from leaving when they see the ‘Not Secure’ warning in the address bar, it also helps protect the reputation of your brand online.
Improved rankings in Google
We’ve already talked about Google’s initiative to create a safer web experience for its users, and in incentivising websites to adopt the same philosophy, websites employing HTTPS are more likely to outrank similar websites using HTTP. This basically means that people searching relevant terms in Google are more likely to view your website on the search engine results page than a competitor still using HTTP.