Google Chrome To Label Insecure Websites
From early 2017, Google Chrome is to mark websites without a Secure Sockets Layer (SSL) certificate that request sensitive information (i.e. passwords or credit card details) as insecure.
This new development is part of Google's long term objective to improve online safety.
What is SSL?
A Secure Socket Layer (SSL) certificate provides extra security with a HyperText Transfer Protocol Secure (HTTPS) connection between the website server and the user’s web browser. The HTTPS connection ensures the safe transfer of data, by encrypting all data sent or received. This encryption protects the user data against unauthorised third party access.
Google’s objective to improve online safety
Most web browsers display how secure your connection to a website is. Currently, Chrome indicates non-SSL connections with what Google describe as a ‘neutral indicator’. Clicking the indicator provides the following warning:
“Your connection to this site is not secure. You should not enter any sensitive information on this site (for example, passwords or credit cards), because it could be stolen by attackers.”
However from early 2017, Chrome is to mark websites without SSL that collect passwords or credit card details as ‘Not secure’ in the address bar.
This Chrome update is the first step in Google’s quest for more informed users on a more secure web. According to Google's Transparency Report, 85% of requests to Google’s servers are encrypted (as of January 2017).
How Does It Affect My Business?
Without an SSL certificate your website's rankings could potentially decrease, with secured websites benefitting from Google's algorithm update. Furthermore, web browsers could display a warning recommending users not to proceed to insecure webpages that request sensitive information. This could reduce the lead generation potential of your website, and/or reduce prospect trust and confidence in your business.