Google Chrome 68 is here and as promised, the Chrome Browser is now marking HTTP as “not secure”.
We first blogged about this in March of 2018 and the time is now to make sure that all web sites are published using always-on HTTPS.
This development matters greatly to just about every web site in production for several reasons:
- Research consistently shows that trust indicators affect visitors' likelihood to complete online transactions or share potentially sensitive information. Positive indicators (like the Norton Secured Seal) increase transactions and negative indicators like this one in Chrome 68 decrease them.
- Even if traffic doesn't drive direct financial benefit (such as it does for an online retail site or lead generation page), companies publish web pages to make information available to a target audience. Asking your clients, shareholders, employees, and other constituents to navigate past a warning that says "Not secure" to access your information is a losing proposition. What will happen in reality is these audiences simply won't consume your content.
- The brand damage is considerable. The world's most popular browser will begin telling more than 50% of the people navigating to your web site that it is not secure. How will that affect their perception of your brand? In what other ways will they question the security of your site and your business?
This step is the latest in a progression Google has been taking to push sites toward always-on HTTPS over regular unencrypted HTTP. In 2017 Google began marking HTTP sites as insecure in a variety of circumstances, and for years it has given greater SEO value to SSL-secured sites.