The Summer of 68 – The latest Chrome Update Will Make Unencrypted Sites Uninviting
Google Chrome is the most popular web browser by some considerable margin and has been for some time. The combination of all the versions of Google’s own web browser account for well over 60% of browser usage, so when changes are announced it’s important to take note, as statistically, most of your users will arrive on your website using one version of Chrome or other.
Google Chrome 68 is the latest version of Chrome and while currently being in the final stages of beta testing, we’re expecting to see it starting to roll out towards the end of this month. So what will this mean for website designers, website owners and website users?
How Will Chrome 68 Affect Me?
As with any update to Chrome, there are numerous tweaks, quality of life updates, security improvements and UI adjustments, but for owners of websites which have yet to acquire and implement an SSL certificate, the release of Google Chrome 68 is likely to be the start of declining site performance due to Chrome 68 adding a prominent ‘Not Secure’ next to the URL for http sites.
Sites displaying https already have a slight ranking advantage over http, but with the introduction of Chrome 68, Google will be adding some strong visual warnings to users visiting http sites indicating that using such sites might be risky or harmful, unencrypted sites are likely to start seeing bounce rates increase as users heed the warning and hit the back button. Your site won’t be less secure than it is now, it will just appear that way.
For sites which don’t have SSL certificates implemented, there’s currently a little grey ‘ i ‘ in a circle rather than the green padlock shown for https sites. Users with Chrome 68 will initially see the words ‘Not Secure’ next to this circle, which is offputting enough, but at some point in the future, this text will turn red, making ‘Not Secure‘ even more prominent and it’s expected a red warning triangle will also be displayed to users visiting your non-encrypted site.
How do I get a green padlock on my site?
To get rid of the ‘not secure’ message and to get the coveted green padlock, seen as a mark of safety to many users, you’ll first need to acquire an SSL certificate. The easiest way to do this is via your own web hosting service who will no doubt be able to advise which of a range of SSL certificates will be the most appropriate for your site. A simple business site with a little information, a blog and a sign-up form won’t need the same level of security as a multinational e-commerce platform which processes user credit card details.
Once the certificate has been purchased and applied by the host, adjustments will need to be made to the site to make sure that each http address now shows https and that diversions are in place from one to the other (http://mysite.com is a completely different address to https://mysite.com). This needs to be implemented properly and thoroughly to avoid mixed content warnings and loss of site rank in organic searches.
Why is an SSL Certificate so important?
SSL, short for ‘secure socket layer’ is a means of encrypting information sent between the site and the user. Without this encryption, it’s possible that this information could be intercepted and interpreted by those with an interest in acquiring this information.
Having personally identifiable information accessible to third parties is clearly something you want to avoid either as a website owner or as an end user. This is especially important in a post GDPR world given the expansion of what counts as personally identifiable information and the legal obligation of data controllers (anyone who gathers or uses personal information) to disclose data breaches as soon as they happen.
For more information on GDPR and the panic which surrounded it, check out our blog on the GDPR Aftermath.
“There’s no excuse for having an unencrypted website” – Mike Little, WordPress Co-Founder
While Google Chrome 68 will likely have an extended adoption period as the automatic updates are rolled out (many people are still running version 65, 66 or earlier), it’s important to get your site encrypted as soon as possible before you start to lose traffic due to the lack of an SSL certificate.
Can you help me make my site secure?
If you’ve realised the above relates to your website, or if you’ve already noticed the effects of having an unencrypted site, you’re likely to want to take action as soon as possible to make sure your site is both secure and less visibly offputting to visitors.
Get in touch with Falkon to find out what actions you need to take and how we can help you make your site safe, encrypted and GDPR compliant.