Since 2014, Google has hinted that web pages with a URL beginning with HTTPS instead of HTTP will receive special ranking treatment. There is now additional motivation to secure an SSL certificate and its accompanying HTTPS for your website.
According to Emily Schechter of Google’s Chrome Security Team, pages that collect credit card information and passwords will be labelled “non-secure” if their URL does not begin with HTTPS by January 2017. At some point in the future, all non-HTTPS pages will display a red triangle and the words “Not secure” before the URL in the address bar.
What exactly is a SSL certificate?
- Stands for secure sockets layers (SSL), otherwise known as transport layer security (TLS)
- Ensures secure transactions between a (customer’s) browser and a (provider/seller’s) server by means of digitally encrypted data
- Builds trust in the security of a site, encouraging people to purchase or provide sensitive information
- Visible as the HTTPS at the beginning of a URL and as the padlock icon in the address bar
- May improve Google search engine ranking as Google algorithms show preference for encrypted pages—recently indicated by Schechter’s report of “more than half of Chrome desktop page loads [are] now served over HTTPS” at a time when most web pages are still unencrypted
- Comes in a variety of options—all with encryption—including
– a DV or domain-validated certificate that is a quick, basic validation proving whoever registered the domain name also responds to the listed e-mail address or phone number, which has proven popular with those engaged in phishing scams
– an EV or extended-validation certificate that takes longer to process but then displays your legal company name—as registered with the government—before your URL in the address bar
– a Wildcard certificate for multiple subdomains using one SSL certificate
What is it not?
- Because a SSL certificate can be acquired very inexpensively if you go with lesser known providers, HTTPS in the URL is not a guarantee that a site is safe and dishonest people are taking advantage of this false sense of security
- According to Kevin Johnson from The SSL Store, migrating a site from HTTP to HTTPS is not a one-click process
- Having a SSL certificate is not the norm, with 97% of websites still unencrypted by Johnson’s estimate
Protect your search engine ranking, whether or not your web pages contain sensitive data. Add a SSL certificate and enjoy the security of that extra encryption.