Google SSL Certificate. Chrome Browser. October 1, 2017. Your Website. What Does It All Mean?

Google Chrome SSL Secured

As mentioned in previous WEB ROI blogs, Google is always making changes to how its algorithm serves up websites.

They do this to improve the experience people have when using their products.

Some previous updates include:

On October 1, 2017, Google Chrome (the web browser that’s used by 44.5% of all people/source: ZDNet) will roll out another change:

  • Any website that it doesn’t consider safe will be labeled with a large, “non-secure” warning

The goal is to warn people about any unsafe sites before they actually click on them.

HTTPS vs HTTPWhy is there a Google Chrome SSL 2017 warning?

As of now, there are two types of websites:

  • HTTP (HyperText Transfer Protocol)
  • HTTPS (HyperText Transfer Protocol Secure)

HTTP websites are just regular sites that you visit for information, like a newspaper or cooking website.

  • If you wanted to subscribe to them, you’d fill out a form with your name and email address. If you didn’t, you could still access the content on those sites.

HTTPS websites are those which collect sensitive data.

  • Usually, they’re shopping or eCommerce sites where people would enter in their credit card information. The only way to make a purchase is to type in your credit card, address, etc.

One type of website (HTTP) doesn’t require you to fill out a form. The other type (HTTPS) does.

So it makes sense that one is more secure than the other.

However, on October 1, Chrome wants ALL sites where there is a possibility of collecting any type of user information – even if it’s just an email address – to be secure.

It’s their way of better protecting your personal information.

Make SSL secureHow can a non-secure website become secure?

There’s a standard security practice used all over the world with search engines like Google: SSL Certificate (Secure Sockets Layer).

Here’s how it works.

Let’s say you visit a retail website and want to sign up to receive email coupons from it.

This is what you’d do and how SSL security ties into it:

  1. Enter Your Email: Let’s pretend its yourname@youremail.com
  2. Click the “Sign Up” Button: That’s pretty easy to do
  3. SSL Springs into Action: It encrypts your email address to something like []{}##><::::
  4. The Encrypted Code is Sent to a Web Server: Not your email address, just []{}##><::::
  5. The Server Decrypts the Code: It knows []{}##><:::: really means yourname@youremail.com
  6. Your Info is Protected: Nobody sees or knows what you entered

Now, if someone “intercepted” the communication between the website you’re on and its web server, your email address would never be seen.

And if someone hacked that web server, your email address would never be seen.

Installing an SSL Certificate is a time-consuming and complicated process.

It involves answering a lot of questions about the identity of your website and company. Afterwards, a complex protocol system gets installed on your site.

If your site is secure, people will see this icon next to its address when using Google Chrome:

HTTPS Secure

What happens if my site is not secure?

On October 1, 2017, here’s the Google Chrome SSL warning people will see in the address bar or an unsecured website:

HTTP Not secure

Not only that, they’ll see a big not secure warning telling them they’re actually on an unsecured website.

The Chrome team hasn’t released details on what this page will look like. However, it’ll be clearly designed to turn people away from an unsafe website.

And should people want to proceed anyway, Chrome will make it very difficult (but not impossible) to do so.

Basically, everything will be done to get people to turn back and run away from an unsecured website.

What is WEB ROI doing to help its clients’ websites?

Leading up to the October 1 deadline, websites belonging to WEB ROI clients will undergo strict testing to ensure it is SSL secured.

This testing involves:

  • Filling out and submitting all contact forms.
  • Using modern testing tools to ensure SSL Certificates are installed properly.
  • Validating SSL Certificates so they won’t expire in the near future.

If you are a WEB ROI client…

Check your email inbox. If you’ve gotten a completed contact form asking if you’ve received it, it’s because we’re testing it for SSL.

Also, your Account Manager may call you to ask if you’ve gotten any forms from us.

Finally, if your site isn’t HTTPS ready, rest assured it will be by October 1.

If you are not a WEB ROI client…

Contact us with any questions you have about SSL and Google Chrome. We’ll be happy to answer them for you.

What should I doI’ve had companies call and tell me my site isn’t secure. What should I do?

You might get some phone calls from digital agencies trying to sell you on having them handle your SSL Certificate.

As a business owner, it’s up to you to decide how to best proceed.

The easiest way to know for sure if you have a secure website is to enter its address into Google Chrome.

Then, copy the address and place it in a word document.

Here’s what to look for:

  • http://www. yourwebsiteaddress. com (NOT secure)
  • https://www. yourwebsiteaddress. com (IS secure)

From there, you can:

  • Do nothing (and risk having your website traffic go down drastically)
  • Take steps to get your website  a Google SSL Certificate

Have any more questions about Google SSL Certificates?

If you want to know more about SSL Certification and how it impacts your website, all you have to do is contact us and we’ll reply ASAP (given how soon the deadline will be here).

Contact us now