Chrome Beginning to Show ‘Not Secure’ Message on Sites without SSL

Google’s Chrome web browser, with an estimated billion users, is beginning to show a “Not Secure” warning to visitors of websites without Secure Sockets Layer (SSL) certificates.

This new policy could affect thousands of other small to medium-sized businesses. There’s nothing like a red “Not Secure” warning in a web address bar to scare away a customer and hurt a business’s search rankings.

For years, Google has encouraged website owners to add SSL because it is a more secure way of transmitting and encrypting sensitive data that is being sent from customers’ computers to websites.  Sites secured by SSL show “HTTPS” at the beginning of web address, Unsecured sites show “HTTP.”

Chrome HTTPS

 

Why is Google Making this Change?

Google Chrome has started marking all HTTP pages as “Not Secure” as of July 24, 2018, and Google Chrome version 68.  Google will begin removing Chrome’s positive security indicator so that the default, unmarked, state is secure. Chrome will remove the “Secure” wording in September 2018. Starting in October 2018, Chrome will display a red “Not Secure” warning on HTTP pages when visitors enter data when filling out a form.

 

Knowing if a Website is Compliant

Open a Chrome web browser, and look at the URL in the address bar. Does it have the green security lock to the left of the URL? Click on the lock icon to reveal the security status. A green lock and the “Connection is secure” message indicates a secure connection between Chrome and that page on your website. In the long term, Google wants every website to support HTTPS—not just those with payment options or that require passwords. If the red “Not Secure” warning appears, it’s time to update the SSL Certificate.

Example of Secure HTTPS Connection

 

Example of Secure HTTPS Connection

 

Example of HTTP with User Input

Gif: Google.

What is an SSL Certificate?

A Secure Sockets Layer (SSL) certificate is insurance that sensitive visitor data will get transferred to the website via a secure network. Acquiring an SSL certificate is easy and affordable.

  • Site Security – It encrypts web visitor-to-server communication with sensitive information like passwords, credit card numbers, IDs, and other important data.
  • PCI Compliant – If a business accepts credit card payments, the website must be Payment Card Industry compliant. Having an SSL certificate is one of the 12 requirements.
  • SSL certificates increase credibility – They legitimize your business and improve customer confidence in doing business with your company
  • SEO – Google will favor HTTPS websites in search results

How to apply for an SSL Certificate

Most website hosting companies provide SSL certificates, and sometimes they will provide certificates for free. If that isn’t an option, or if a business has multiple websites, there are companies that sell SSL certificates. The EV certificate has a stricter authentication process than SSL and will add visible indicators of trust like the name of a company, country abbreviation, and a green address bar in the browser.

This Chrome HTTPS policy will provide a sense of security for web visitors and help customers trust they are dealing with reputable businesses who will protect their sensitive information.

Our experienced Dream Local Digital marketing team can help create new customers for businesses and move them through the sales funnel.