Google’s push for all websites to be HTTPS has so far been only in circles that actually pay attention to what the Giant is doing. But the company is getting ready to implement a large red cross through every website that doesn’t offer an encrypted connection.
In 2014 Google highlighted a proposal to show that HTTP sites provide no data security to users, so why don’t browsers warn users of this fact. Google’s answer to this is by displaying a red cross over a padlock next to the URL instead of what is shown now which is no warning at all?
Google has been very adamant about some how conveying to the user their information is not secure on HTTP and are trying to get everyone to use HTTPS therefoe making the internet more secure. However, until this week Google hadn’t announced any progress on its proposal. At the Usenix Enigma 2016 security conference, Google offered the snapshot above showing what The New York Times website would like when Google implements the feature in Chrome.
Google has stated many times their goal is to make the internet more secure for its users, and now they are prepared to move forward with their idea of making all HTTP sites.
Google: “Our goal is to mark non-secure pages like HTTP, using the same bad indicator as broken HTTPS, since this 1) is more accurate than marking such pages as neutral, and 2) simplifies the set of security indicators.”
Why Buy SSL Certificates:
I am sure everyone wants to be sure there information is safe when visiting their favorite website, next time look at the top browser and see if it is http or https. If for no other reason just peace of mind knowing your computer or what ever device you are using is safer than a non-secure site using encryption.
Keeping your site secure can not only keep your information and clients information safe. It could improve your ranking in the search engines.
Visit the SSL store to find out what certificate best fits your needs.
Just a few months ago, Matt Cutts publicly spoke of the importance of having an HTTPS enabled Web site, and went on to say that if it were up to him it would already be a ranking factor.
Well, after that public declaration it wasn’t surprising when Google officially announced that HTTPS is now a “very lightweight” ranking factor, “affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content”. However, in time HTTPS may become a stronger ranking factor in order to “keep everyone safe on the Web”.
Which Security Certificate Should You Choose?
There are many different types of Security Certificates available, in some cases they are free, others can be quite expensive. In order for you to understand the different browser warnings you’ll first need to understand that there are 5 different types of security certificates to choose from:
- Shared Certificates – These are certificates that are offered by many Web hosts where you use their Certificate, but it is not tied to your domain name. For example if your site is mysite.com, you might put your non-secure content on your domain, but your shopping cart on secure.mysite.com. This can be very cost effective, but you do lose your domain branding and likely some shopper confidence using this method.
- Free Certificates – For personal Web sites, public forums, etc. — some companies offer free security certificates such as: StartSSL and GoDaddy offers Free SSL Certificates for qualified Open Source Projects. None of these free ones would be valid for a business, but you might look at these offers and shop around if your doing this for a hobby site or other non-profit project.
- Domain Validated (DV) Certificate – The most common SSL certificate used for small businesses. A DV Certificate typically covers a single subdomain like www.domain.com, but not necessarily domain.com (no-www). A visitor to a site with a DV Certificate at this time will see the same security icons as those with Organization Validated certificates, unless they are using FireFox v31 (perhaps earlier) versions. That browser and perhaps others may have an alert icon and when clicked says the organization is not verified but is secure. This icon is often shown only once, then the typical padlock secure site icon is displayed.
- Organization Validated (OV) – OV Certificates require verification at both the organization and domain registry level. In most cases an OV cert will require a vetting procedure before the certificate is issued, this ensures the business is a legitimate company. OV certificates are more expensive than DV certificates, but really offer little value above the DV certificate. Visitors to a site will typically not notice any difference between a DV and OV cert unless they click the padlock icon, which makes the extra cost debatable at this time. Perhaps soon we’ll see some additional browser identification feature that will make an OV certificate identifiable (and more worthwhile).
- Extended Validation (EV) Certificates – These are the more extensive and difficult to get SSL Certificates. EV Certificates are the ones that turn your browser bar Green indicating a secure site. They require an extended validation of the business including domain ownership, organization information, plus legal existence of the organization. These certificates take longer to acquire and process, and are more expensive. The existence of the Green Bar in the browser can be a strong incentive to step up to the EV level to increase shopper confidence and likely conversion rates. It’s doubtful a content or non-eCommerce site would benefit from this level certificate.