Google has taken another big step forward in improving the security of their online user base by announcing an HTTP security change – an attempt to decrease the number of HTTP sites. This security change will occur in October of 2017 (next month) and it will only impact users on Google Chrome browsers.
The HTTP Google Chrome update is designed to target both online users and webmasters/website owners by changing their behaviour, by highlighting HTTP websites as being “Non-secure”. This will be visible both in normal and incognito viewing modes on Chrome browsers.
Source: Marketing Land
How will this update change webmaster/website owner behaviour?
For many years now Google has been incentivising webmasters to switch their websites to HTTPS. Since August 6th, 2014, Google has been providing webmasters who switch to HTTPS small ranking boosts.
Even as recent as a month ago, if you have been checking your Google Search Console messages, if your site was on HTTP, Google has been kind enough to inform you to switch to HTTPS because of these updates occurring in October 2017.
Example of the Google Search Console message:
If Google’s messages have been ignored for so long, there is a good chance webmasters will listen now since there’s a high chance that having this “Non-secure” message will negatively influence CTR and cost potential business opportunities for non-HTTPS websites.
It’s clear that Google is trying a new tactic for webmasters to change and update their HTTP website to HTTPS by taking a more direct approach. However, it’s in the webmasters’ best interest because not only will they receive additional encrypted security on the site, they will receive a slight ranking boost and their site will have no “Non-secure” message on Chrome browsers. All for the relatively affordable cost of a yearly SSL certificate.
How will this update change online user behaviour to HTTP websites?
The spread of the “Non-secure” message on both incognito and normal viewing modes in Google Chrome will definitely influence online user behaviour, if it hasn’t already done so, with the message already appearing on incognito browsing.
Most users already think twice before submitting information such as name, DOB, telephone, address or credit card details to non-secure websites. This hesitancy, or distrust, will only increase from October 2017 as the “Non-secure” message will be prominent, leading to potentially higher bounce rates, lower CTRs or even users avoiding certain HTTP websites in general.
Why is Google against HTTP?
To understand why Google has been putting in so much time and effort into reducing the number of websites operating on HTTP, you must first understand the difference between HTTP and HTTPS and how they operate.
The following is a brief breakdown between HTTP & HTTPS:
HTTP: Doesn’t provide any degrees of encryption between the user and the website. If a user shares information on the website such as credit card details or any other personal information it’s possible that the information can be obtained by a third party in the non-secure connection that occurs between the user and the website.
HTTPS: HTTPS can only be operational through an SSL certificate that provides the HTTPS secure encryption for the website. When a user shares information on the website such as credit card details the data is encrypted, which makes it extremely difficult for hackers to decrypt even if they manage to collect the data.
You can have a read of a more detailed breakdown on how HTTPS works here.
It’s now clear why Google is making a greater push for websites to switch to HTTPS – because it will protect their users and it will help them deliver a more secure browsing experience.
Latest posts by Piotr Olesson (see all)