Over the last several years, Google has made moves to keep the internet secure. Last year, their most significant move in this direction was in October of 2017 and their release of Google Chrome version 62.
With that release, pages that exclusively contained forms that you needed to log-in for or submit credit card information would trigger a “Not Secure” warning unless your site was migrated to HTTPS.
If those pages are not served on HTTPS, you will see the below page on Google Chrome:
But Google has been anything but quiet about their future plans for HTTPS. When they released their statement about version 62, they also said: “Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.”
On February 8, 2018, Google confirmed that secure websites are here to stay.
As of July 2018, along with the release of Chrome version 68, all HTTP websites will be marked as “not secure” on Google Chrome, regardless of whether or not the pages on your website ask for sensitive information.
So, what does this mean for you, your website, and your business? We have some insights and next steps for you below. But first, let’s reel it back –
What is HTTP?
HTTP = hypertext transfer protocol
It’s the application that allows your website’s server to talk to your web browser.
A secured HTTP, denoted by HTTPS, encrypts the data passed along that connection so that it is secured.
It uses a Secure Socket Layer (SSL) to encrypt data that is transferred between the user and the server. Secure websites protect users against information theft, corruption of files when they are being transferred, and attacks.
Google uses three different warnings to notate the security of a website.
- Secure: Information you send or get through the site is private.
Even if you see this icon, always be careful when sharing private information. Look at the address bar to make sure you’re on the site you want to visit.
- Info or Not Secure: The site isn’t using a private connection. Someone might be able to see or change the information you send or get through this site.
You might see a “Login not secure” or “Payment not secure” message. We suggest that you don’t enter sensitive details, like passwords or credit cards.
- Not Secure: Proceed with caution. Something is severely wrong with the privacy of this site’s connection. Someone might be able to see the information you send or get through this site.
- Dangerous: Avoid this site. If you see a full-page red warning screen, the site has been flagged as unsafe by Safe Browsing. Using the site will likely put your private information at risk.
What Does this Mean for Your Business?
Naturally, as digital marketers, we must ask ourselves “What effect does this have on SEO, UX, Bounce Rate, etc?” And, we’ve heard similar questions from our clients.
We see this change mainly affecting two things: Rankings and Conversions.
Google has made it known that security is a top priority of theirs. While Google has never outright said that secure websites will produce higher rankings, over the last several years, there have been indications that this may be true.
In 2015, Google stated that a website served on HTTPS would receive preference in the case of a tie between two search results. Meaning, if your website is equal to your competitor’s in all other aspects of SEO, but yours is secured, yours will receive the higher rank.
According to Moz, 79.1% of queries in the last 30 days showed websites served on HTTPS as a result. And we only see that trend going up.
Users trust secure websites. It’s no surprise that if a user navigates to a page with a big red warning on it, they would click out of that page as fast as possible. This significantly affects bounce rate, click-through-rate, session duration, and therefore conversions.
Be Proactive – Get Ahead of the Change
Many websites have already made the move to HTTPS after the release of Google Chrome 62. Google reported on their progress in the last year:
- Over 68% of Chrome traffic on both Android and Windows is now protected
- Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
- 81 of the top 100 sites on the web use HTTPS by default