The online world is perhaps the fastest moving environment you can find. Trends, breakout sites and changes to how we interact with the web make for an ever-shifting landscape.
One such change that is currently occurring is the rise of HTTPS and the fall of the more unsecure HTTP. Over half of websites landed on through major search engines are now secured with SSL certification and have acquired the coveted HTTPS status — and this number is only set to increase as Google makes as important as Google X projects.
For those unfamiliar with HTTPS, it is simply a symbol that displays when a website has encrypted data-sharing. HTTPS is gained through acquiring SSL certification, which is the incorporation of a number of different security protocols on your website ensuring that any flow of data — such as personal details, bank information, etc. — between a user and website is totally secure.
Essentially, HTTP is like having an open conversation on the playground, while HTTPS is like talking in code. It keeps your conversation from prying eyes and keeps your secrets safe.
Unsurprisingly then, in our online world of unscrupulous hackers and chancers, secrecy and security is paramount, especially for those with CCVP knowledge. The rise of HTTPS and SSL certification is testament to our desire to keep safe online.
What Is An SSL Certificate?
SSL certification creates an encrypted client/server channel. This is done to protect sensitive information and user data by means of encryption. SSL certificates encrypt data prior to transmission and can only be decrypted by the intended server. This helps to prevent cyber crime and stolen user data and information that lead to those pesky email scams.
It is more important than ever that websites incorporate SSL certificates, but the need for HTTPS goes far beyond the basic security it provides. Here’s why your website should be acquired SSL certification — even if you aren’t handling important data like bank details.
Increased User Awareness
Time was when people had very little understanding of the internet. As recently as the early 2000s, the web was a strange and alien creature, used in sci-fi and thriller movies as a way of bamboozling the audience and explaining away plot holes through meaningless tech jargon. It was very much the ‘reverse the polarity’ of the era.
Now though, people know exactly what the score is.
With occurrences of cybercrime constantly rising, internet users are more clued up than ever on how not to fall victim. People are more aware of what keeps them safe online, using the best antivirus software available and website encryption through SSL certification.
Sure, most users don’t know exactly what SSL or HTTPS means, but they do know what to look for: this little padlock icon.
When your website is SSL certified, browsers will display this icon to notify users that their data is protected and secure. If your website doesn’t feature this little icon, users are keenly aware that your site isn’t as secure as it could be.
A lack of security can damage reputation and discourage people from visiting your web page. This is especially true for eCommerce sites, but also blogs, informational sites or online publications, where people might input contact details, make anonymous comments, etc.
HTTPS as a Search Engine Ranking Signal
HTTPS has always been hinted as being a ranking signal and back in 2014. Google confirmed the theories. Why?
Having SSL certification is an encouraging signal to Google and other search engines that your website is a safe, secure location that they should be sending their searches to. As a consumer business, Google doesn’t want to be sending its users to untrustworthy locations.
While this signal was initially only thought to have a small influence on rankings, recent studies have suggested it plays a much bigger role. Websites with SSL certification have been found to have a significantly higher chance of ranking well on Google.
Ignoring HTTPS, then, could have serious consequences for traffic to your website. Search engines won’t necessarily penalize you for not having SSL certification, but they will certainly rank other websites, even those with just a bunch of filler text, higher than yours.
Which, in essence, is just as bad as being penalized.
Google Has Made HTTPS Mandatory for Many Websites
In an admirable move to ensure as much safety online as possible, Google has set its sights on websites that require the input of user data. From January 2017, Google will start rolling out warnings on websites that require logins, especially eCommerce platforms, but aren’t SSL certified.
The ramifications of this are pretty massive. If you run a website that has a user area, or are an eCommerce website, users visiting from the browser Chrome will receive an alert advising them to avoid your site due to security flaws.
Any site caught without SSL certification that includes logins is going to be badly hit by this news. Bounce rate and conversions are likely to take a substantial hit.
Website Hosting Changes
Many major website hosting channels are changing the rules. Soon, HTTPS won’t just be optional. If you want to use services like WordPress, you will have to be SSL certified.
In a clamp-down designed to increase security online, the biggest outlets of web hosting are going to start pushing for mandatory SSL certification. This poses two problems:
- If your website is not SSL certified when the new rules come into place (no date has been confirmed so far), you could face heavy fees having to quickly get it changed if you use one of these services.
- If you don’t have SSL certification and you decide you want to move over to a new host in the future, you’ll find you are unable to do so.
As a result, putting off getting SSL certification could leave you paying heavy fees to keep your website online, or face losing it all together. You may also be left with a sub-par web hosting service because you are unable to transfer your site anywhere else.
Rise of SSL for Apps
In 2016, Apple announced that all connections made to the internet by iOS apps must be SSL certified. That meant app designers had to ensure all their outgoing data was encrypted.
They were given until the end of 2016, but happily for those left behind, the deadline has been extended.
So How Does This Affect Websites?
Currently, it has very little effect. It is a requirement only of applications on iOS, so unless you have some sort of heavy integration between your website and a companion app, you won’t be affected.
However, this requirement of SSL certification is unlikely to stop with just the apps themselves. As Chris Danks of Cyber Host Pro predicts, with Google, Apple and hosting services all pushing harder lines on HTTPS, it is likely that even more businesses will also be doing so in future.
In an age of integration, you don’t want to be caught in a space where a lack of SSL certification leaves you on the outside. For example, apps may also eventually be stopped from connecting from websites without SSL certification, which would damage traffic and advertising opportunities.
2016 saw a monumental shift in attitudes towards SSL certification — or rather a lack of.
Both individuals and businesses, like Greenpages, are no longer so accepting of an unsecured browsing experience and look set to kerb any use of the HTTP prefix.
Those who run a website without SSL certification should seriously consider their options at this point in time, as the use of HTTPS is only going to rise as we move into a more secure digital future.