From July, Google Chrome will mark your HTTP page as “not secure” and could drastically lower your conversion. For a long time, Google has been promoting secure websites that use the encrypted HTTPS protocol. It does this not only through its search engine, but also through a web browser. Chrome already selected websites (ie containing forms and login windows) that do not use encryption mean in the address bar as insecure. However, those that use HTTPS are rewarded in the form of a characteristic green padlock.
Currently, more than half of the websites displayed in the Chrome browser use HTTPS encryption. In the case of computer users with Windows and Android mobile devices, this factor amounts to as much as 68%. However, in the case of Chrome OS and macOS, this number increases to 78%. These data please everyone, because the encryption of websites translates into increased security on the web. The way we use the web today also contributes to the high display rate of HTTPS websites. We often use social media, and on various websites we set up accounts to receive materials tailored to our taste. Such portals have long decided to invest in appropriate certificates to be able to use HTTPS.
All popular news sites, blogs and other websites that have used the usual HTTP protocol so far will decide to use a more secure alternative. After all, no owner of the information service wants the users of the most popular internet browser at dawn to be informed that his site is unsecured. However, there is still a lot of time to prepare for the upcoming changes. Chrome 68 will be released only in June this year. People who are afraid of additional costs related to the issuance of the certificate can sleep peacefully. You can always use the free certificates offered by the Let’s Encrypt project, which is sponsored by Google Chrome, Mozilla, OVH, Cisco and other companies in the interest of caring for the security of the network.
Currently, about half of the traffic (according to Google) comes from sites that use HTTPS for operation. HTTPS is an improved version of the HTTP protocol. The number is growing all the time and the American company would like all parties to use this solution to communicate with the server. The departure from the HTTP protocol is therefore inevitable and it seems that this will happen even faster due to the latest decision regarding the Chrome browser. If more pages start to pass on HTTPS, Google will start to mark the old technology with the red board, which can be seen on some sites at the moment. This action, however, will continue for several months. The Google Chrome update will take place in stages and will start at the end of the year. This applies to all devices and operating systems on which the browser is available.
Imagine that you are an Internet entrepreneur and one fine day Google recognizes that your online business is dangerous. Everyone who enters your site can see a beautiful red message warning of a threat in the form of, for example, phishing. Do you think it’s easy to get out of this situation? The introduction of a new mechanism warning against websites that do not apply appropriate security measures is another step by Google, aimed at increasing the safety of browsing the internet. Nobody, however, promises that this is the last step – the giant has long been displaying huge boards when trying to enter the site, where it detected malware infection, and now it will be legibly informed about the lack of encryption. Today, it is impossible to say in a fully responsible way whether it will apply only to pages related to logging in and payments, or all that contain any forms. It seems possible that other publishers of web browsers will also post this trend. Hence, everyone might be affected, from small blogs to big businesses.
The most common mistake is the assumption that it is enough to “buy a certificate” and all will be solved. Meanwhile, it should be installed on the server and make sure that all elements of the page are loaded through an encrypted version of the HTTP protocol, or HTTPS. It is enough that even one resource – for example a picture – is loaded via “normal” HTTP, so that the whole page is considered unprotected correctly. In the case of popular CMS systems, usually there are no problems, but some, especially older websites – may require minor corrections in the code.
Remember that the implementation of the SSL certificate is not only a matter of data security, but also the position of the website in the search engine. Already last year, Google clearly indicated that the presence or absence of the HTTPS protocol will have a direct impact on the rating of a given website, and only those that will use encrypted connections will have a higher position. Although this is a challenge for administrators and website owners, the effects of this type of activity will be positively felt by all Internet users who care about safe surfing on the web.