The Point of No Return for HTTPS Arrives in the Google Chrome 68 Release Expected in July 2018
Google has been promoting encrypted web connections since at least 2015 when they gave preferential rankings to websites with HTTPS. Since then, Google has incrementally tightened their policy, most recently in 2017 when HTTP, unsecured sites, with password or credit card fields were marked “Not secure” and now are planning to take that one step further in the Chrome 68 release anticipated to go live this summer.
“Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as ‘not secure’”, according to a recent Chromium blog post. This move is significant to all website owners and IT professionals who secure, manage or administer websites. It’s also significant to marketing professionals who rely on digital campaigns to promote their brand and products.
To avoid disruption in website traffic, pipeline development and eCommerce revenue, all websites should be secured with SSL/TLS technology. Let’s not forget that landing pages and microsites created for campaigns or to attract a specialized persona will be subject to this same security policy in Chrome 68.
Which Address Bar Do You Think Gives Visitors the Most Confidence to Transact on Your Website?
Here’s how HTTP pages appear now in Chrome and how they will appear in Chrome 68:
The omnibox will display “Not secure” for all HTTP pages in Chrome 68.
In contrast, here’s how a trusted and secure website currently appears in Google Chrome:
The Entrust Datacard website in encrypted and trusted – the addition of the organization name and country of operation is provided by our EV SSL/TLS certificate. It gives visitors is a strong indicator that ours is not a phishing website. Used in this way, SSL prevents negative or neutral browser indicators.
Why the Fuss?
The fuss is about security – HTTP pages lack the security that HTTPS pages bring (yes, the “S” is for secure). That security is provided by the encryption technology behind the SSL/TLS certificate, which displays “HTTPS” in the web address bar. This lets visitors know that encryption is used to secure sensitive information that gets transmitted from the website to the organization’s server – login credentials, credit card and other private information.
In addition to avoiding halting browser warnings, using a trusted and secure Extended Validation (EV) SSL/TLS certificate gives visitors confidence that they are on your official site. Extending this practice to all pages used in digital marketing – such as microsites and landing pages — will be an essential practice when Chrome 68 is released.
Read more on how to Use SSL to Avoid Browser Warnings That Threaten Website Traffic >>