Does Your Site Meet Google’s New SSL Certificate Standards?

With online security fears rising in the wake of revelations over information theft and data protection breaches, website security has become a prevailing priority for technology developers in 2018.

After raising standards to protect and inform their users about online security risks, Google has recently announced even stricter controls on how their leading web browser, Chrome, labels websites in the future.

Google Chrome – the most popular website browser in the UK – began by flagging up problems on websites with invalid SSL security certificates, before overtly identifying sites that didn’t have a security certificate installed in the first place.

What is an SSL Certificate?

SSL is an acronym for Secure Sockets Layer, and SSL certificates are the backbone for any website security. The certificate allows a browser to bridge a secure connection between your device and the web server, thereby ensuring that information is safely transferred. Generally speaking, if a website address begins with HTTPS it is using a secure connection, and if it begins with HTTP is not.

Chrome currently makes it clear to users that they are browsing secure websites by displaying a highly-visible green padlock labelled ‘Secure’ at the beginning of its search bar.

Google Chrome web browser displaying "Secure" badge next to website address bar

Your site will be affected unless it displays a green "Secure" badge in the current version of Chrome

For websites that are not secure, this label is replaced by an information icon that, if clicked, warns users in no uncertain terms that they ‘should not enter any sensitive information on this site’ and that their data is at risk of being ‘stolen by attackers’. But, the ubiquitous developer hasn’t finished there…

Animation showing user clicking the info icon and Chrome stating the site is insecure

Previously, users had to click the "info" icon to see security warnings

Google announces major changes to warn users against ‘Not Secure’ sites

In July 2018, Google will prominently mark all HTTP sites as ‘Not secure’ without requiring the user to click anything – as shown in the screenshot below:

Image depicting how Chrome will label non-secure sites

From July 2018, users will not have to click anything to see the "Not Secure" badge

This warning will become even more visible in October 2018 with Chrome version 70, when the browser will begin displaying a ‘Not secure’ label in bright red when users enter data on HTTP pages. This commonly occurs on contact forms, login pages and other data entry pages found on most business websites.

Image depicting how Chrome will label non-secure sites from October (with red text)

Red for danger

Although this move towards mandatory HTTPS has been gradual, Google has warned that businesses will need to have SSL certificates for all webpages on their site – not just pages with login requirements or forms – by the time Chrome 68 launches in July 2018.

Since Google Chrome accounts for over 60% of the web browser market share, most visitors to business websites will be alerted to security threats unless SSL encryption is in place. SSL certificates enable HTTPS – so the sooner businesses install certificates for all of their pages, the better for both the business and its customers.

The benefits of making your business website secure

As Google moves closer to realising its ambition of having completely ‘secure by default’ websites, there are many reasons for business websites to ensure that their SSL certification meets the latest standards:

  • More traffic: Google prioritises secure websites in search rankings
    Google revealed as far back as 2014 that it prioritises secure websites over non-secure ones so that they potentially appear higher in search results.
  • Better user engagement: Visitors feel more confident using secure websites
    With one in 10 people having experienced some form of hacking attempt, SSL certificates provide another layer of confidence to feel safe and secure.
  • Prevent information theft: Data is more likely to be stolen from non-secure websites
    SSL certificates encrypt sensitive data during transmission between user devices and the web server, so the chances of information theft are lower.
  • Essential for online payments: Shoppers will leave unless all pages are secure
    Most ecommerce websites usually have SSL encryption in place on at least the pages where credit card details are submitted, and consumers are encouraged by secure labels.
  • Access invaluable marketing data: Analytics won’t show where visitors are coming from
    If your business site doesn’t have an SSL certificate then information from visitors arriving from secure websites cannot be recorded to help marketing strategies.

You can discover the benefits of having a secure business website in more detail here.

If you would like advice on how to make your business site more secure, please contact us on 020 3519 8585 or send us a message.

Hallway is a growth-driven agency for ambitious businesses - we offer peak-performing, Ever-Evolving websites and online marketing that deliver stellar results.

Don't miss our next article! Subscribe now:

View recent articles
  • Share this article: