Google moving towards a more secure web in 2017

 

As of early 2017 Google will be updating it’s popular Chrome browser to include at least one notable change.

Any website which does not have an SSL certificate installed will appear in the Chrome browser as a Non Secure website. An SSL certificate is represented by the small padlock icon you see on most eCommerce & online shopping websites which tell you that connections to and transactions through that website are secure and encrypted. Although this is by no means a prerequisite for a website to exist online, Google do set the bar for some of the Internets most important industry standards and what this does mean for all website owners is that it may be in your best interest to add an SSL certificate to your domain name in the interest of public trust.

This will be a welcome change as all businesses we work with who sell online have an SSL certificate in place and should you choose to do so, our pre existing website owners can add one to their domain name without an installation cost. It’s a small upgrade and fee for that matter starting at $40.00 per year for the piece of mind provided.

Below is Googles official statement regarding the projected Google Chrome browser 56 upgrade.

Please don’t hesitate to reach us with any questions you may have.
The Citric Digital team.


To help users browse the web safely, Chrome indicates connection security with an icon in the address bar. Historically, Chrome has not explicitly labelled HTTP connections as non-secure. Beginning in January 2017 (Chrome 56), we’ll mark HTTP sites that transmit passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure.

Chrome currently indicates HTTP connections with a neutral indicator. This doesn’t reflect the true lack of security for HTTP connections. When you load a website over HTTP, someone else on the network can look at or modify the site before it gets to you.
A substantial portion of web traffic has transitioned to HTTPS so far, and HTTPS usage is consistently increasing. We recently hit a milestone with more than half of Chrome desktop page loads now served over HTTPS. In addition, since the time we released our HTTPS report in February, 12 more of the top 100 websites have changed their serving default from HTTP to HTTPS.
Studies show that users do not perceive the lack of a “secure” icon as a warning, but also that users become blind to warnings that occur too frequently. Our plan to label HTTP sites more clearly and accurately as non-secure will take place in gradual steps, based on increasingly stringent criteria. Starting January 2017, Chrome 56 will label HTTP pages with password or credit card form fields as “not secure,” given their particularly sensitive nature.
In following releases, we will continue to extend HTTP warnings, for example, by labelling HTTP pages as “not secure” in Incognito mode, where users may have higher expectations of privacy. Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.
We will publish updates to this plan as we approach future releases, but don’t wait to get started moving to HTTPS. HTTPS is easier and cheaper than ever before, and enables both the best performance the web offers and powerful new features that are too sensitive for HTTP. Check out our set-up guides to get started.