Imagine a new visitor, a potential buyer, clicking on your webpage link among all the search results. As he is directed to your site, he sees a NOT SECURE warning appearing right beside your URL.
That could be alarming for many. And it is likely to drive a lot of visitors and customers away.
Google’s Announcement on HTTPS Promotion
In order to encourage all site owners, webmasters, and webpage developers to move their sites over to HTTPS, Google has recently announced that every page running only on HTTP with a search box or form will display the “Not Secure” sign as a warning. This will commence this coming October 2017 already.
All ecommerce sites are likely to contain search boxes to help customers look for products in online catalogues and to also search for related items. Of course an order form is also included in the website. Some even have opt-in forms for their email lists.
Thus, this new development will be potentially harmful to online businesses unless you as a site or business owner ensures your transfer to HTTPS.
HTTP Vs. HTTPS: What’s the Difference?
Are you aware of the difference between HTTP and HTTPS? Why all the fuss?
HTTP stands for HyperText Transfer Protocol. It was the means devised by Internet pioneers at the beginning so that various users could have a way to share information over the web.
However, this process for exchanging information could be intercepted easily. Hence, a security measure was added. HTTPS, which stands for HyperText Transfer Protocol Secure, was born. It’s a way for the sender and recipient to trade information and documents via a “code” that shows only scrambled characters to outsiders. This was necessary for protection of information.
A SSL Certificate was needed to encrypt data being transferred. SSL stands for Secure Sockets Layer, a term that refers to the security used by computers during transfers. And for the past years, this was often just utilized on webpages where actual online transactions take place. It served as protection for credit card details and personal info.
More Details on the Not Secure Warning
It’s very important that you are aware of this change. After all, most people nowadays make use of Chrome as their main browser. Therefore, you can’t really escape this.
How does it work?
The “Not Secure” sign appears on page load once someone clicks on a link leading to your website or webpage. It is seen right beside your URL.
It also shows when entering data and the person is led to your site.
Google emphasizes the grave importance of using HTTPS not only for sites with forms and search boxes, but particularly webpages with logins. This will ensure security of login information.
Even those pages that Internet users visit during Chrome Incognito mode will still display the “Not Secure” warning.
How to Get a SSL Certificate
Usually, SSL certificates are offered by web hosting providers. So just inquire with your own provider and you might even get it at a discounted price that could be bundled with your current package. In the case of most hosted ecommerce platforms, SSL’s are included with your monthly subscriptions.
There are also vendors that sell these certificates solely. You can buy a SSL certificate for just a single website, for your domain and subdomains, or for multiple websites/domains. It’s usually good for one year and has to be renewed annually. This generally does not apply if you are on a hosted ecommerce solution, but this is how it works if you are self hosting, or host blogs built on CMS platforms like WordPress.
Furthermore, there are different types of validations involved. You can avail the simplest, cheapest one that only requires email validation. But if you want a higher kind of security and a greater level of trust, you can go for business verification or validation of your organization. This type is likely to take 1 to 3 days before the process is done. Lastly, the extended validation is yet another notch higher when it comes to security. This one is issued within 2 to 7 days and also entail business verification. If you are on a hosted ecommerce platform, your hosting provider is most likely handling these steps for you.
SSL Vs. TLS: Are They One and the Same?
Along the way, you might encounter TLS too. This stands for Transport Layer Security, another protocol that also encrypts data and provides authentication between computers or between applications and servers. It works the same as the SSL.
SSL 3.0 is actually the predecessor for TLS 1.0. But is there any difference?
Yes, there is.
TLS was once thought to just have a little edge over its predecessor. But with technology’s speedy upgrades and changes, with hackers becoming much better and new viruses and glitches causing security problems, it’s been proven that TLS actually provides much stronger protection against new forms of security breaches or threats.
It is, however, more apt for those configuring servers. But if you simply want to migrate to HTTPS, you ought to just settle for the SSL certificate that your webmaster or hosting provider can set up for you.
Benefits of HTTPS
Remember that Google intends to rollout this development on October 2017. Rather than be afraid, just do what you have to so that you can secure your website and help make the web a much safer place in general.
Apart from this, being on HTTPS can actually contribute to your SEO ranking. After all, only about 10% of the top 100,000 websites in the world make use of SSL by default.
Being in ecommerce, it’s also essential for you to take care of your customers. Using HTTPS will surely help with that because you’ll be securing all of their information whenever they are in your website. Having a SSL certificate will surely help build trust and credibility, which can boost your profits in the long run.
Many may view this October rollout of Google’s “Not Secure” Chrome message as negative. But we have to admit that there’s a growing need for better security on the web.
Besides, getting a SSL certificate is beneficial for you and your business in many ways. So plan it out carefully and seriously consider moving over to HTTPS before October comes.