As if you don’t have enough to worry about, already! Now, you have to start worrying about whether your website visitor’s browsers are telling them that your site isn’t safe! Really, this is happening! We wrote about this in an earlier post, but now Google’s moving to the next stage of their plan.
In Google’s attempt to protect internet users they are rolling out a feature in their Chrome browser that will give the user an alert when they go to a website that Google has deemed to be unsafe. Now, on the surface this is an admirable effort, to be sure. None of us want to fall victim to a phishing attack or end up with viruses on our computer as a result of a bad website.
[Tweet “Chrome’s unsafe alert could impact your site. #smb #digitalmarketing”]
That Won’t Affect Me
You don’t run phishing scams, you don’t have malware that you’re trying to infect other people’s computers with so you’re thinking that you have nothing to worry about, right. Well, maybe, maybe not.
Google is casting a pretty wide net when it comes to identifying what they consider to be an “unsafe” site. Their definitions are:
- Deceptive sites that are trying to trick you into doing things like giving up your usernames and passwords or other personal information.
- Dangerous sites can harm your computer by exposure to malware or viruses.
To combat these dangers, Google has created the Safe Browsing feature built into the Chrome browser. And, because of Chrome’s extremely large share of users (As of March`17, 75.1% of all internet users are using the Chrome browser) and the fact that the Safe browsing features are turned on by default, this is a really really big deal.
That’s when Google’s Chrome browser started alerting users to, not just dangerous websites, but unsecured websites, as well. And, this is where you will probably end up with a problem.
An unsecured website is basically any site that is collecting information and is not set up with on a secure HTTPS protocol. First, HTTP stands for Hypertext Transfer Protocol and is the protocol that makes the web work. All websites run on the HTTP protocol. If you check out the address bar of the next website you visit you’ll see the full address is http://domainname.com. The HTTPS is the secure version of the HTTP protocol.
If your website is more than, probably, 6 months old then the chance that your site is not on a secure protocol (HTTPS) is very good. Historically, most people didn’t worry about having their site on HTTPS unless they were selling something through an online store. If you were using your site to generate sales leads or to get members, or any non-commerce related activity, you were most likely advised that you didn’t need the security of HTTPS.
Now, that’s all changed. In January of 2017, Google updated their Chrome browser so that it began marking all pages within a site, that collect passwords or credit card information on a non-secure HTTP protocol, as not secure. This then resulted in an alert being displayed to the user, in the address bar next to your site’s address. This is also, just the first step in a long-term plan that will ultimately mark all sites not using HTTPS as not secure.
Here’s Where You Are Impacted
In April of `17 Google announced that they are rolling out an update to the Chrome browser that will mark page,s as not secure, that allows a user to enter data. Just to be clear, they are talking about all data, not just passwords and credit card data.
[Tweet “Latest Chrome update: Any type of input over HTTP marked “Not Secure #digitalmarketing #smb”]
This means that if you have a contact form on a page in your website and that page is not using HTTPS, the visitor to your site will receive an alert that your site is Not Secure. This also means that if you have a newsletter signup form on your site and that page is not using HTTPS, the visitor to your site will receive an alert that your site is Not Secure. Or, if you have a search box on your site, and that page is not using HTTPS, the visitor to your site will receive an alert that your site is Not Secure.
The implications of not having your site on the secure protocol HTTPS is that fewer people are going to trust your site and they are going to leave before they engage. This means that your bounce rate is going to increase, marketing dollars that you are spending to get people to your site are going to be wasted, and your overall business will be negatively impacted.
In fact, Google has already identified that there has been a 23% decrease in the number of people navigating to pages that collect password or credit card information and are not HTTPS.
[Tweet “23% Decrease in navigation due to “Not Secure” Chrome alert. Get your HTTPS #smb #digitalmarketing”]
What’s Involved In Moving To HTTPS?
Google has laid out a step-by-step process that you can follow to convert a site over to the HTTPS protocol. It’s important to know that this isn’t a DIY project that you should take on. The repercussions of doing it wrong could have very serious effects on your website.
Get in touch with your agency or developer and work with them to develop a conversion plan that will ensure that your site remains intact and that you don’t loose any of the SEO rankings that you currently have.