Rewarding Secure Sites
Throughout 2017, Google has put a focus on Internet security, pushing website owners to implement more secure practices by rewarding secure sites and punishing non-secure sites in Chrome. Browsers started using a padlock icon several years ago to indicate secure sites, and Google has since implemented more visually obvious color coding in Chrome to indicate when a site is secure.
When it comes to web security, Google is focused on having sites use HTTPS protocol, which encrypts data through SSL. The quick way to determine if a site is using HTTPS is by looking at the URL—secure sites use https:// whereas non-secure sites just use http://.
Punishing Non-secure Sites
In January, Google started flagging sites as “Not secure” if they’re still using HTTP protocol when collecting credit card information. Before this year, users wouldn’t see any indication a site wasn’t secure—they’d just see indication when a site was secure.
You might think, “Well, that ‘Not secure’ indicator isn’t so bad.” It’s important to understand, though, that in later Chrome updates, Google plans to call out insecure sites even more.
Users will see the above red indicator if your site is collecting information from users and isn’t secured via HTTPS. They’re going to notice, and they’re going to care. Users will be hesitant to submit information through your site once they see the red indicator.
While previous updates focused on websites processing payments and collecting personal information, Google is moving toward implementing this “Secure” vs. “Not Secure” indicator for websites that collect any information from visitors. Do you have a contact form on your website? If so, Chrome will show the “Not secure” indicator when a user starts typing information into your form.
Eventually, Google plans to flag ALL non-secure pages (those using HTTP) in Chrome. We’ll be working with clients who are still on HTTP to transition to HTTPS in the near future.
Do you have questions about how SSL affects your site? Reach out.