Why Google Requires SSL Certificates for Websites
We turn to the internet for most everything whether it's a search for information, shopping for products and services or, completing forms that include personal information. Online security has become a concern and Google has started to flag websites that aren't secure which could impact a site's traffic.
Does your website have forms, login fields and other sections where a visitor can input information? if so, you should know that Google's Chrome browser now marks HTTP pages as “Not Secure” if it includes password or credit card fields. Even though you may not use Chrome as your web browser, approximately 60% of visitors on the web use Chrome as their preferred browser.
Beginning in October 2017, Chrome will show a “Not Secure” warning when users enter data on a HTTP page and on all HTTP pages visited using the browser's Incognito mode. Incognito doesn't mean you are not trackable or information entered is hidden; It means that your visits won't show in your browser history.
Google's plan to label HTTP sites as non-secure will gradually take place based on various criteria. Since Chrome 56 started marking sites as not secure, there has been a 23% reduction in page visits with password or credit card forms. Many people look at the browser's address bar for the lock symbol and https:// to confirm that the website or page is secure. If the site isn't secure, they most likely leave which might be a contributor to the bounce rate noted in your web analytics.
Google's continuing mission is to take the next steps to protect your data. Passwords and credit cards are not the only types of data that should be private. Any type of information that users type into websites should not be accessible to others. In version 62 of Chrome, the browser will show a “Not Secure” warning as users enter information to the website's forms. If a user sees the warning, he might abandon completion of the call-to-action.
This is a Webmaster message we recently received regarding a client's website:
"Starting October 2017, Chrome (version 62) will show a “NOT SECURE” warning when users enter text in a form on an HTTP page including HTTP pages viewed in the Incognito mode.
The following URLs on your site include text input fields (such as < input type="text" > or < input type="email" >) that will trigger the new Chrome warning. Review these examples to see where these warnings will appear, so that you can take action to help protect users’ data. This list is not exhaustive."
This message is telling us that Google is crawling the web for sites that contain forms and making note that they are not secure. We use a Chrome extension to check if a site is safe to visit but aren't sure that an extension will be required to verify if a site is secure. Google may choose to show 'website not secure' in the search results similar to how they noted that a site was 'mobile-friendly.' Will a notation be made in search results and stop a searcher from visiting your website? We'll be watching.
What is a SSL Certificate?
A SSL (Secure Sockets Layer) certificate is a digital certificate that authenticates the identity of a website. When a form is completed, the information is encrypted when sent to the server using SSL technology. Encryption is the process of scrambling data that can only be returned to a readable format via the appropriate decryption key.
When you visit a website that uses HTTPS (connection security), the website's server uses a certificate to prove the website's identity to browsers, like Chrome, Firefox, Safari, etc. Anyone can create a certificate claiming to be whatever website they want. However, to help you stay safe on the web, Chrome requires websites to use certificates from trusted organizations.
Your Business Catalyst hosted website offers SSL certificates which we can install. If you're ready to secure your website, contact us today for more information.