News & Blog

Google Chrome Will Tell Users If Your Website Is Not Secure.

By Francis West on 14th September 2016

In a bid to publicly promote the importance of online security for all, the latest change to the Google Chrome browser will mean that a red ‘X’ on top of the lock in the address bar will be displayed if you visit an unencrypted website.

Goal to Show That HTTP Provides No Data Security.

From a user’s point of view, it would be hard to argue against a browser having built-in measures to improve security. This move by Google hopes to highlight the issue of improving web security in the future by encouraging, in this case using a shaming tactics, a move to encrypting and secure serving of websites over HTTPS rather than settling for the old, traditional, now less secure protocol of HTTP.

The main goal of the Google Chrome change is therefore to show that when you visit a website with HTTP in the address bar there is no data security. The red ‘X’ symbol will  replace the current ‘white page’ symbol that is displayed when you visit a HTTP website using Google Chrome.

Why is HTTP Less Secure Than HTTPS?

Where the traditional HTTP protocol is used when serving web pages it is possible for someone to snoop on the connection and therefore potentially steal passwords or other sensitive and potentially valuable data.

Where the HTTPS protocol is used to serve web pages there is the added security measure of encryption in place. Your connection can’t be snooped upon or hijacked e.g. to insert malware.

As well as protecting your data, HTTPS also ensures that the website you’re connecting to is the genuine website and not one set up by an imposter. This is particularly important in today’s online environment where fraud is prevalent and fake websites are often used in cyber crime such as phishing attacks.

Expected For Some Time.

Many technology experts and commentators have been vocal in their approval of this change to Google Chrome which has broadly been hailed as a bold and overdue move in the right direction for web users.

The move by Google had been expected; back in 2014 at its conference, it made public its opinion that HTTPS should be everywhere.

See The Change.

You can see the change in Google Chrome by typing “chrome://flags” into your Google Chrome browser, going to “mark non-secure as” and selecting “mark non-secure origins as non-secure”.

What Does This Mean For Your Business?

If your business is already using HTTPS for your website then this is good news as the more than 1 billion Google Chrome users will be able to see that your website is secure and you will therefore have a greater chance of converting those visitors into customers rather than losing them from the site. It could also mean more positive perceptions of your website and perhaps another source of competitive advantage if your competitor’s website is HTTP.

If your website is not using HTTPS there are of course cost implications in purchasing an SSL Certificate.  As Web and Google Chrome users this change is good news as it gives us all opportunity to take more security precautions at a time when cyber crime levels are very high.