HTTP and HTTPS: why secure your site

HTTP.jpg

Google identifying HHTP sites as "Not Safe" is the second step in a broader plan to make the Internet safer. This change has an impact on credibility, conversion ratios, bounce rates, SEO and traffic. This article will help you understand what HTTP and HTTPS are, why Google is doing these updates, and what impact these have on website owners.

What is HTTP and HTTPS?

HTTPS stands for Hyper Text Transfer Protocol Secure. Like HTTP, it refers to the link between the server of a site and the web browser from which visitors access it. The difference with HTTPS lies in the fact that this link is encrypted, which guarantees the confidentiality of visitor data. Two technologies are used to establish this encrypted link: SSL and TLS. If a site is secured using any of these links and a visitor logs into this site, their browser will recognize that the site is considered safe. To verify this, the browser retrieves what we call "a certificate" and ensures that it can be trusted by verifying that it comes from a trusted source that it has not expired and that it is used by the site for which it was issued. All this is done automatically and almost instantly without the visitors realizing anything. Except that now, if a site is not secure, visitors are bound to realize it because the site will be identified as "Unsure".

Why this update?

The actions taken by Google to educate browsers about security on the Web are not a surprise. This may be new to you, but only because the previous updates were more subtle and had no impact on the performance of your website, if you had one. These changes are part of a broader plan to make the Internet safer. This second update (marking HTTP sites as "Unsure") does its job perfectly: browsers are warned that the site they are visiting is not secure and website owners have no choice other than to secure their site to preserve their credibility and their results. This may sound a little radical as a plan, but the result is beneficial for anyone browsing the web. If you think the latest update is harmful for site owners, wait until you see the next!

Google's gradual warnings

1st step: the "i" icon

Chrome has started tagging HTTP sites with a subtle "i" icon for a while now. Most browsers do not notice this and Google believes that this does not reflect the real dangers of using these sites ... and it’s right! By accessing a website via HTTP, violators can view the information you submit and even modify the site before it is uploaded. In this way, they can steal your information and extract even more valuable data by inserting additional fields. For example, an added field might ask for the last three digits of your Social Security number, and many will unfortunately fall for the trap.

2nd step (current): the label "Not secure"

It is at this stage that we are currently in their process and, if you own a site, it is probably why you are taking the time to read this article. Initially, only HTTP pages with payment or password fields were immediately marked as "Not secure". Now, the notification also appears on all HTTP sites as soon as a browser land there. This label can not be missed and is not very reassuring: would you submit your credit card number or password on a site bearing this label?

3rd step: warning icon + "Not secure" + red font

At this point, all HTTP sites will be marked as "Not secure" automatically. In addition, the label will have a warning icon (currently used to indicate when a site's protocols are broken) and will be written in red. This last step will have a significant impact on the credibility and performance of unsecured sites and will simultaneously make the Internet safer for all browsers.

Cons summary of an HTTP site

Damaged Credibility

Your browsers will lose confidence. They will question your work ethic and how you manage their information. After all, would you like to do business with a company that does not take precautions to keep your information safe?

Less conversions

Certainly, some visitors will ignore warnings and continue to navigate. However, overall your conversion ratios will inevitably suffer.

Higher bounce rates

Many visitors will be frightened and run away quickly. The bounce rate is the percentage of visitors who leave your site after viewing only one page. This aspect is insinuated in the last two points, but its implications are fundamental.

In conclusion…

Increase of the bounce rate → SEO penalty → Decrease of traffic and credibility → Decrease of the sales

An HTTP site will experience higher bounce rates and will be penalized for the value Google attributes to website security, which will ultimately result in a lower ranking in search results. A lower ranking means less traffic, which ultimately means less sales. Incorporate the fact that credibility and conversions will also be reduced by displaying the "Not secure" label and you will understand why a sites security should not be taken lightly.

How to fix the situation?

It's simple, if your site uses HTTP, it's time to switch to an HTTPS connection now! As soon as it’s done, Google will display a small latch in the search bar when visitors are browsing your site, and a paragraph indicating that they are in a safe place if they click on the latch.

Still unsure?

Don’t have resources to help you migrate, or have questions on the subject? Book a free call with us today!