Updating your HTTP to HTTPS for Google to Play Nice
On Jan 2017, Google Chrome is updating their browser UI to clearly “name and shame” any websites running unencrypted connections. This means that if a business is NOT “https” the “s” stands for “secure” then Client will probably be scrambling to get their HOST to enable HTTPS, also known as SSL (secure socket layers), so that any information going to and from their server is automatically encrypted. This prevents hackers from sniffing out your visitors’ sensitive information as it passes through the internet.
As Posted on Google Online Security Blog:
To help users browse the web safely, Chrome indicates connection security with an icon in the address bar. Historically, Chrome has not explicitly labelled HTTP connections as non-secure. Beginning in January 2017 (Chrome 56), we’ll mark HTTP pages that collect passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure.
Chrome currently indicates HTTP connections with a neutral indicator. This doesn’t reflect the true lack of security for HTTP connections. When you load a website over HTTP, someone else on the network can look at or modify the site before it gets to you.
A substantial portion of web traffic has transitioned to HTTPS so far, and HTTPS usage is consistently increasing. We recently hit a milestone with more than half of Chrome desktop page loads now served over HTTPS. In addition, since the time we released our HTTPS report in February, 12 more of the top 100 websites have changed their serving default from HTTP to HTTPS.
Studies show that users do not perceive the lack of a “secure” icon as a warning, but also that users become blind to warnings that occur too frequently. Our plan to label HTTP sites more clearly and accurately as non-secure will take place in gradual steps, based on increasingly stringent criteria. Starting January 2017, Chrome 56 will label HTTP pages with password or credit card form fields as “not secure,” given their particularly sensitive nature.
In following releases, we will continue to extend HTTP warnings, for example, by labelling HTTP pages as “not secure” in Incognito mode, where users may have higher expectations of privacy. Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.
We will publish updates to this plan as we approach future releases, but don’t wait to get started moving to HTTPS. HTTPS is easier and cheaper than ever before, and enables both the best performance the web offers and powerful new features that are too sensitive for HTTP. Check out our set-up guides to get started.
If you need help with getting an SSL certificate for your website, give us a call here at Taxi Digital Marketing. This is just an FYI and we are curious to see how this may affect Reach in FB ads since this is a similar “grading” function as WOT. (https://www.mywot.com/) The Web of Trust (WOT) is a warning screen pop up that a user might get when visiting a site that has a bad reputation based on user ratings. Sites with lower ratings get lower Reach with the corresponding Facebook Ad. We have yet to see if this decision from Chrome will effect the delivery of Facebook advertising, when FB ads link back to insecure sites. Stay tuned.