“Your connection to this site is not secure.”
Does this look familiar? As of this month, most likely.
On October 17, 2017 Google’s Chrome browser began warning users on pages that aren’t encrypted with an SSL certificate.
SSL is what keeps us safe on the internet. It protects sensitive information such as social security numbers, credit card numbers, usernames and passwords, and any other sensitive information being passed through the web. When SSL is used, that information is unreadable to anyone besides the destination in which it is meant to reach. This is meant to protect us from hackers and identity thieves.
Secure sites now show a green lock and the word “Secure” beside the domain, and you might notice that the domain begins with https (instead of http), with the s standing for “secure.”
Hacking is on the rise and Google Chrome is helping us stay safe from malicious incidents that can cause serious damage for individuals and businesses.
Why should your website move to HTTPS?
You want to be sure that any information that you are passing along through the internet is being protected. Just as your customers provide you with sensitive information, you sometimes do the same for them.
SSL certificates provide authentication that you are sending information to the correct server without a hacker intercepting that information.
The cues mentioned above signal that a site is secure, but when the site is not secure it becomes a huge turnoff for visitors.
Google is shaming sites that don’t use HTTPS by adding text or an icon that shows that the site is not secure. In some incidents, this occurs with a pop-up to make sure that the visitor is aware.
Psychologically, this scares visitors away from the page even if it is a website they have always trusted.
All that time, money, and effort invested on your SEO may be drastically affected by this change.
Google clearly places security high in importance, therefore it now factors SSL into its algorithm making it highly unlikely that an unsecured site will land high in any search result.
Filling out a form or entering your credit card on an unsecured website means that hackers could steal your data.
In order to accept credit card information on your website, you must pass certain audits that show you are complying with the Payment Card Industry (PCI) standards. One of the requirements is properly using an SSL Certificate.
If your website is not HTTPS please contact us at firstname.lastname@example.org. We can help you update your website so that you may avoid any security issues moving forward.