Last week, webmasters started getting a warning from Google’s Search Console about a feature that will be added to the next version of Google’s popular web browser, Chrome. Version 62 of Chrome, scheduled for release in October 2017, will show a “NOT SECURE” warning when users enter text into a form on an HTTP page. According to the distributed message, “The new warning is part of a long term plan to mark all pages served over HTTP as ‘not secure.’ ”
Once it is released, Chrome will also show a “NOT SECURE” warning whenever a user visits any HTTP web page when in Incognito mode.
The solution is to migrate the website in its entirety to HTTPS. This requires the purchase and implementation of an encryption SSL.
Chrome has become by far the most popular browser on the Internet. As of the publication of this article enjoys a 59.57% market share according to NetMarketShare.com The closest competitor is still Microsoft’s Internet Explorer with a 16.5% share. This means that as of October’s release, more than half the consumers a business is targeting will see a “NOT SECURE” warning when entering text into a contact form on an HTTP Site
What is HTTPS?
The “S” in HTTPS means “Secure.” Hyper Text Transfer Protocol or HTTP is the foundation of the way data is communicated over the World Wide Web. The secure part means that the communication is covered by transport layer security, in other words, the communication is encrypted. The main reason this is important for most small business websites is to protect consumers entering and sending information through contact forms. Any website needing to secure legal, medical, or financial information being transmitted back and forth likely already is secure. It has not been as important for some other small businesses who are only collecting names, addresses, and phone numbers to call back for something like a home service quote, but the warning that Chrome will soon publish now makes that imperative.
HTTPS and SEO
For the past few years, Google has repeatedly expressed a preference for secure websites, but communication and evidence about whether or not they universally prefer secure sites over HTTP sites have been mixed. Based on some communication from Google a few years ago many marketing organizations immediately migrated everyone they worked with to HTTPS, while others took a more case by case view.
This latest move makes it an imperative from a conversion rate optimization standpoint. If consumers see a warning that their communication is not secure when they attempt to fill in an internet form, no matter how innocuous the transmitted information is, many will pause and think twice before hitting send.
Since this is a conversion rate optimization issue, the step is important for any business who gets any leads from consumers filling out forms, not just businesses actively optimizing sites, in other words, it’s also very important for businesses who get most of their traffic from paid search or sponsored social media.
How to Tell if Your Site Is Secure
It’s simple to see if your site is secure or not. Open Chrome, go to your site and look at the browser bar where you see your website’s address. Do you see a green lock Icon and the word “Secure?” or do you see a black lowercase i in a circle? If you see a lock, you’re Secure. If you see the i, you’re HTTP.
Still not sure? Highlight the entire address, right click and “Copy.” Next, go anywhere you can enter text and “Paste.” Normally the clipboard will grab the entire web address, not just what you see. When you paste, you will see something like https://www.actiongaragedoor.com/. See the HTTPS? The site is secure. If it’s not, you’ll see HTTP.
How To Add Transport Layer Security
Adding transport layer security is as easy as keying a Secure Sockets Layer (SSL) certificate which establishes an encrypted link between a browser and a server. This ensures everything passing between the browser and the web server the site is sitting on remains private.
Essentially the SSL is a certificate issued by a trusted issuing authority containing information that the browser can check and in doing so verify that the site is trustworthy.
Once the SSL is issued and verified, the site’s URL database then needs to be updated to ensure it displays the HTTPS for every URL on the site, not just pages, but images, links, scripts, and anything else that references a URL on-site.
The SSL can usually be acquired through your hosting company. Your webmaster can make sure it is properly keyed and that the database is properly updated to ensure your site is published as HTTPS.
Time to Act
Although the new version of Chrome won’t be released until October, the time to act is now. There are some steps needed to issue an SSL that sometimes take a little time, and your webmaster may be flooded with requests to add SSL encryption to client websites over the next few months. It’s past the point of “better safe than sorry” It’s now at the point where “I’m going to lose business if I don’t’ take care of it.” Contact us today to see if your site is protected.