Posted on January 22, 2017 by James Duquenoy
Google is implementing a series of changes to Chrome, the world’s most popular web browser, to try and make the web a safer place. Starting in January 2017, Chrome will display a warning when a page isn’t protected by an SSL Certificate. Further down the line, Google plans to show this warning for all HTTP pages.
Why do you need an SSL Certificate?
In simple terms, an SSL Certificate is used to establish a secure connection between a web server and a user’s browser. This means any data transferred between you and the server is encrypted, preventing unauthorised parties from eavesdropping and stealing your data. This is particularly important when entering personal information such as passwords and credit card details – the last thing you want is someone listening in on your connection and stealing your sensitive details.
Sites secured by an SSL Certificate show a green padlock and “Secure” message next to the URL in Google Chrome (and other browsers), reassuring users that the site is fully secured and that they are safe to enter their personal details.
Furthermore, websites protected by SSL could even see a boost in traffic. Since Google is trying to improve the security of the web, secure websites are more likely to rank higher than their non-secure competitors in search results. Users will also feel more confident visiting, logging into and paying on a secure site – which is particularly important for the eCommerce industry. An insure login form or payment fields will put users off from completing a sale.
Although more websites than ever are enjoying the increased security provided by SSL Certificates, some sites still haven’t transitioned. Google’s studies have shown that users don’t perceive the lack of a “Secure” indicator as a warning, so they have embarked on a mission to label insecure HTTP pages (without an SSL Certificate) more clearly to increase awareness of the potential security risks. Version 56 of Google Chrome (coming by the end of January 2017) will add a “Not secure” message to pages with password or credit card fields that aren’t protected by an SSL Certificate.
Eventually, Chrome will label all HTTP pages with a more prominent red “Not secure” warning – even on pages without password or credit card fields. Such a strong and obvious warning is hard to miss and is likely to drive users away from insecure websites.
Why is Google doing this?
Although it may seem like a small change to the world’s most popular browser, these warning messages will increase awareness about the danger of entering sensitive information on insecure websites. It should also encourage more websites to protect themselves with an SSL Certificate in order to avoid the damaging effect of having a “Not secure” message appear on their site.
If your site still isn’t protected by an SSL Certificate, we strongly recommend you contact us so we can act now to secure the connections between users and your website and stop the “Not secure” warning from appearing on your site.