This security change will occur in October of 2017 (next month), and it will only impact users on Google Chrome browsers. The HTTP Google Chrome update is designed to target both online users and webmasters/website owners by changing their behaviour by highlighting HTTP websites as being “Non-secure”.
This will be visible both in normal and incognito viewing modes on Chrome browsers.
How will this update change webmaster/website owner behaviour?
For many years now, Google has been incentivising webmasters to switch their websites to HTTPS. Since August 6th, 2014, Google has been providing webmasters who switch to HTTPS small ranking boosts.
Even as recently as a month ago, if you have been checking your Google Search Console messages to see if your site was on HTTP, Google has been kind enough to inform you to switch to HTTPS because of these updates occurring in October 2017.
Suppose Google’s messages have been ignored for so long. In that case, there is a good chance webmasters will listen now since there’s a high chance that having this “Non-secure” message will negatively influence CTR and cost potential business opportunities for non-HTTPS websites.
Google is trying a new tactic for webmasters to change and update their HTTP website to HTTPS by taking a more direct approach. However, it’s in the webmasters’ best interest because they will receive additional encrypted security on the site and a slight ranking boost, and their site will have no “Non-secure” message on Chrome browsers. All for the relatively affordable cost of a yearly SSL certificate.
Example of the Google Search Console message:
How will this update change online user behaviour to HTTP websites?
The “Non-secure” message spread on both incognito and normal viewing modes in Google Chrome will influence online user behaviour, if it hasn’t already done so, with the message already appearing on incognito browsing.
Most users think twice before submitting information such as name, DOB, telephone, address or credit card details to non-secure websites. This hesitancy, or distrust, will only increase from October 2017 as the “Non-secure” message will be prominent, leading to potentially higher bounce rates, lower CTRs or even users avoiding certain HTTP websites.
Why is Google against HTTP?
To understand why Google has been putting so much time and effort into reducing the number of websites operating on HTTP, you must first understand the difference between HTTP and HTTPS and how they operate.
HTTP: Doesn’t provide any degree of encryption between the user and the website. If a user shares information on the website such as credit card details or any other personal information it’s possible that the information can be obtained by a third party in the non-secure connection that occurs between the user and the website.
HTTPS: HTTPS can only be operational through an SSL certificate that provides HTTPS secure encryption for the website. When a user shares information on the website, such as credit card details, the data is encrypted, which makes it extremely difficult for hackers to decrypt even if they manage to collect the data.
You can read a more detailed breakdown of how HTTPS works here.
It’s now clear why Google is making a more significant push for websites to switch to HTTPS – because it will protect their users and help them deliver a more secure browsing experience.
Written by
Peter Dimakidis