For the last several years Google has been trying to draw users’ attention to the risks of utilizing unencrypted web. At the end of 2016 they announced the part one of a long-term plan to mark all HTTP sites as non-secure. In January 2017 they kept their promise and Chrome started to show “not secure” mark in the address bar for all HTTP pages that have password or credit card fields.
In October 2017 Google had gone beyond this and started showing warning in two additional situations: when users enter data on the HTTP page, and on all HTTP pages visited in Incognito mode. So, any type of data, not only passwords and credit card numbers were considered sensitive, and inputting it on the HTTP sites was qualified as insecure action.
We have already warned dealers about impending marking. Check out our previous article What Should Dealers Know About Moving To HTTPS? You will find there a list of steps dealers should take to move their websites to HTTPS and some preparations that you can do on your own.
Now Google is moving further:
Starting July 2018 Google Chrome Will Mark All HTTP Sites as ‘not secure’
They recently announced it in their blog post. In its current version Chrome browser displays a neutral information icon for HTTP sites. Starting with version 68, which release is planned in July 2018, Chrome will mark all HTTP sites as “not secure” using additional noticeable icon in the address bar.
How can it affect you? If you disregard Google’s advice moving to HTTPS, you can feel some unpleasant changes:
- Unsafe data
The HTTPS protocol for a website is not a fad. If the website is using HTTPS, it means the data which is transmitted from user’s browser to web server is encrypted. Otherwise “a man in the middle” can sneak in and intercept the transmission. HTTP websites are vulnerable and can be easier accessed by the hackers.
- Visitors’ hesitation
Imagine you are coming to a beach where you have swum for a hundred times before, but suddenly you stumble upon a “Swimming prohibited” sign. Even if you know it’s a safe place, you’d hesitate to get in the water, right? But if it’s a new, unfamiliar beach with a sign that warns about possible danger? You’d probably find another place to stay.
The Internet is like an ocean and users know it. People’s expectations regarding cybersecurity are rising year-over-year. They want it to be safe, end of story. Whether your HTTP car dealer website has an input fields or not, starting July 2018 Chrome will mark it as not reliable source. We don’t think it will drive a lot of traffic to your website.
- Lower rankings
Google, the most popular search engine in the world, has been down-ranking unencrypted sites. They announced starting to use HTTPS as a ranking signal in 2014. It is one of the ways they force website owners to move towards more secure cyberspace. Among many unveiled Google’s ranking factors it is well-known one. Why not use it to rank higher?
Moving is hard, moving to something you can’t even expand can seem intimidating. It’s totally natural, but unnecessary. Autoxloo has a solid expertise in this field as we successfully moved our own website to HTTPS. We will gladly assist you in this movement. Contact us to avoid being marked as ‘not secure’.