Where Websites Come To Life
Google Chrome 68 turns HTTPS into the Web site standard
August 6th, 2018
This article was sourced from our Partner: InternetX's Blog.
The one side operators are curious, others rather tense: The new version of the web browser Chrome goes live later this month. The conversion to Chrome 68 is not only the new version of Chrome launched: Online appearances, which are currently protected only via the HTTP, are marked with the start of Chrome 68 with "not sure".
If you do not have an SSL certificate yet, you have to expect that the missing small lock symbol will now cause a drop in sales and visitors will jump off. Google wants to achieve with the changeover, that site operators gain a certificate and so the area-wide traffic on the Internet is encrypted.
Google's ongoing Transparency Report on HTTPS Encryption on the Web shows that in July 2015, only 46% of all Chrome-loaded web pages were encrypted. Three years later, in July 2018, it is already 85% and at the latest with the new Chrome version, the number will increase again.
When is the time?
So far, websites that have included a certificate have been rewarded with a green browser bar and the "sure" award. As of July 23, those who have not yet included a certificate, in the browser bar even with a "not sure" punished, because that day is the version 68 of the web browser Chrome go live.
According to DigiCert , the leading provider of scalable security solutions, only 43% of Alexa's top websites currently use HTTPS. According to a recent analysis by W3Techs , only 36% of all websites are encrypted.
Not only Google punishes unsafe online appearances
But that's not all: with the introduction of the DSGVO, SSL certificates are even required by law to ensure the "encryption of personal data" (§ 32 (1) GDPR). A missing website encryption is already the reason for a large number of warnings. Already in June, a site operator whose online presence was not equipped with an SSL certificate should pay € 12,500 in compensation. And more and more cases are becoming known.
What should you pay attention to?
Actually, HTTPS encryption has been a standard feature of a website since last year. Some providers currently offer free domain-validated SSL certificates (abbreviated: DV certificates) in order to initiate comprehensive encryption. DV certificates may be sufficient, but are more suitable for non-commercial web projects such as forums, travel blogs or public photo albums.
Online shops and corporate websites should definitely rely on Extended Validated SSL Certificates (in short: EV Certificates) and not just rely on a DV certificate. EV certificates differ from the free certificates in that the ownership of a website is thoroughly checked.
For example, phishing sites can include a DV certificate and thus convey to visitors that the site is "secure" even though only the data transfer is encrypted. Website owners can not just purchase the EV certificates, they are scanned as a company.
With an EV certificate, a company stands out clearly by its own company name in the browser bar. Visitors to the website can use the website seal to access further information about the site operator. It is z. For example, you can see where the company is based and whether it really is as trustworthy as it first seems. In addition, the status of the certificate is visible. In addition, high-quality EV certificates also scan the web server of the site, check whether malware (malicious programs) has crept in and immediately report this to the certificate holder. EV certificates therefore enjoy the greatest confidence among website visitors.
A conversion that is worthwhile
HTTPS is not only a ranking factor on Google, it also creates a sense of security for customers. Since the transition is easy to perform and there are also free versions, site owners should definitely include certificates before the pages of Chrome 68 are branded as "unsafe".
If you have any questions, please contact us.
Article written by InternetX's Online Editor Ms. Nadine Jager.