The search giant is going to step up efforts to encourage websites to switch to secure HTTPS instead of the now widespread HTTP, which transfers data without encryption. Starting in January 2017, in the Google Chrome browser, any sites that require entering credentials / passwords or various types of payment information and at the same time transmit data over an HTTP connection will be marked as insecure. That is, first of all, it is important for such type of sites as online stores.
Moreover, this factor will become one of those that directly affect search results – the positions of sites without a secure protocol that accept registration and payment information will go down.
The official blog of the company showed an example of exactly how this will look in the address bar of the browser:
In the “incognito” mode, the marking will be even more pronounced, since, according to representatives of the search engine, when activating it, users are likely to have higher expectations regarding the preservation of the confidentiality of personal data:
As of now, Chrome does not make any distinction when interacting with the site, regardless of the protocol used. However, the development team has stated that in the long term, they are going to actively promote the widespread adoption of encrypted connections.
HTTP and HTTPS: What’s the Difference?
With both protocols, communication between the client and the server takes place over the same port. However, HTTPS sends data using optional SSL, which provides additional cryptographic protection. That is, HTTPS is the same HTTP wrapped in SSL.
To transfer a site to HTTPS, you need to obtain a special certificate, the information from which is used to authenticate this web resource. Accordingly, the organization that issued such a certificate becomes, as it were, a guarantor of security, a third party, whose participation allows the user not to fear that his data will be stolen.
Data transmitted over HTTPS is protected at three levels (TLS cryptographic protocol):
Authentication, which ensures that the interaction is carried out with this particular site, and not with any phishing resource. Encryption that enhances the security of data transmission. Preservation of the integrity of information, which guarantees the impossibility of imperceptibly changing (or distorting) it during the transfer.
The cost of an SSL certificate varies greatly depending on the merchant company, and can range from $ 10 to $ 1000 per year. In some cases, you can even get them for free. But for a commercial project, this is a really profitable investment that is worth thinking about.
Thus, when using HTTPS, the risk of data interception by intruders is minimized. And hardly any of the buyers of the same online store or payment service would be delighted that access to the data of his bank card would be in someone’s hands.
Why is it important and what are the benefits?
For online stores, services that accept different types of payments, and in general for sites where registration, storage or transfer of personal and payment data of users is required, confidentiality and security are among the most important challenges of our time.
On the one hand, Google’s announcement of labeling and downgrading non-HTTPS sites in Chrome could be perceived as an attempt by the search giant to take advantage of its monopoly position to influence the market.
But, on the other hand, these are certainly positive actions that will be useful for both users and website owners in various areas of business related to online commerce.
For an online store owner, switching to the HTTPS protocol provides a number of advantages:
the safety of customer data that cannot be intercepted or distorted; a small bonus in ranking, since this factor is a component of the algorithm; tracking referral traffic (for SEO) – when using HTTP, data is lost, and such traffic is shown as direct; trust on the part of customers – you have probably already noticed that same green lock, and, you must agree, it is somehow calmer with it.
Of course, hardly anyone can guarantee 100% information protection in our technological world. However, additional security measures are never redundant. Especially when it comes to your data or the data of your customers.
Therefore, we hope that our article and the news about Google’s plans will give you a reason for reflection. After all, if earlier you have already thought about transferring your site to the HTTPS protocol, now it seems is the time to make these plans a reality.
How do I move my site to HTTPS?
Despite the fact that at the moment the recommendation to switch to a secure protocol applies primarily to online stores and services, there is no doubt that in the next two years this will become relevant for all projects. Therefore, it is still better to be on the list of the first than to try to jump on the departing train.
However, switching to HTTPS is not an easy procedure, if you make a mistake in the process, search engines will begin to perceive your site as completely different, which will lead to a loss of rankings and traffic. That is why, if you have made such a decision, it is best to use the services of specialists.
You can always contact Lemarbet, and our employees will do everything at the highest level – you can be sure of the result. Just contact us in any way convenient for you, and we will explain to you exactly what you need to do to successfully transfer the project.