On the 24th of July 2018, Google launched version 68 of its market-leading Chrome browser complete with new security features. Before the update, Google had announced that “a secure web is here to stay” and they revealed plans to achieve this by requiring all websites to have an HTTPS connection instead of the previous and standard HTTP connection.
Websites that fail to install SSL certificates will now be flagged by Google as being insecure and each visitor landing on a website without an HTTPS certificate will be notified.
How can you check this for yourself? You can do so by clicking the browser bar and if Chrome says that it’s “not secure”, then you would be wise not to send the company or individual behind that website any information you want to be kept private like your financial details.
What are HTTPs and SSL?
HTTPS is an acronym for “Hypertext Transfer Protocol Secure”. HTTPS is a way that companies and individuals can protect their website visitors by using high-level encryption. According to Google HTTPS safeguards “the integrity and confidentiality of (a) user’s data”.
SSL is an acronym for “Secure Sockets Layer” and is a computing procedure that verifies the security of information sent on the internet.
When two computers communicate with each other, they establish an electronic connection with each other over a network (this network is more often than not the internet).
Historically, this electronic connection has used the HTTP protocol when someone wishes to view a web page.
However, an HTTP-protocol-driven connection between two computers is not in and of itself secure. It is entirely possible that someone could intercept the data going to and from your computer when surfing the internet.
To protect against this, computer security experts devised a way to use a sophisticated encryption system called SSL with HTTP so that the data sent between two connected computers is secure. When these two technologies are combined (HTTP plus SSL), the term for it is HTTPS.
Still unsure? Read our analogy to clear up any confusion
Terminology can be complex so let us use the analogy of sending a letter in the post.
Your letter contains information with a specific destination as does a website request. After you put your letter in the letter box, the postal service deals with it. HTTP is the postal service because it’s everything that happens in between your information reaching its destination.
If you had written your letter in a secret code and it was opened by someone that shouldn’t have access to it, your information would be safe. SSL is the code that safeguards any information you leave on a website such as bank details. The code we’re discussing is also known as “encryption”.
Why should you upgrade your website to HTTPS?
Without HTTPS, every visitor to your website using Google’s Chrome browser will be notified that your website isn’t secure and this could harm any chances you have of building confidence in your company, let alone making a sale.
These warning signs significantly increase the bounce rate (the number of people who leave a website having viewed only one page) and they may deter potential clients from visiting your website in the future. If you take too long to implement HTTPS, you might put of dozens or hundreds of customers who would have got in touch with you had they felt that their information was safe with you.
Although there is usually a small annual cost attached to the SSL certificate, HTTPS justifies this expenditure by allowing you to build and maintain visitor confidence.
When you implement HTTPS, your website’s ranking on search engines is also likely to increase . Although HTTPS is already a ranking factor with search engines, Google has suggested that its importance for SEO will increase in the future.
How do I implement an SSL certificate?
Implementing HTTPS for your website is relatively straightforward, and is something your website designer or hosting provider can enable for you.