In an attempt to make the web a safer and more secure place Google Chrome have taken a major step in encouraging websites to encrypt information provided by their users to protect their personal information.
Checking a sites SSL certificate ensures that you’re visiting the right site rather than a fake version set up by scammers to steal your details. SSL certificates are issued by a third party company who have to perform a background check to authorise the company’s authority. When something looks wrong to the browser it issues a warning to the user but unfortunately, according to a recent study by the Chrome development team, fewer than one in four people actually follow these warnings – quite a scary statistic!
This is perhaps because when a warning is given about a site, it often tells you what the problem is (‘this sites SSL has expired’) rather than explaining how this may affect the user (‘this site isn’t encrypting any sensitive data such as passwords or payment info you give it!’).
In an attempt to help protect people online and encourage more sites to move to HTTPS, Google Chrome have announced that they will be naming and shaming non secure sites in a sense by informing users when they enter an un-secure webpage where sensitive information like their login details and passwords could be at risk. Google Chrome has said that it would clearly mark standard HTTP connections as non-secure to help encourage sites to up their security and avoid this being highlighted to their visitors.
The announcement on the Chrome Development website read:
“We all need data communication on the web to be secure (private, authenticated, untampered). When there is no data security, the [website] should explicitly display that, so users can make informed decisions about how to interact with an origin.”
In August, Google also announced that it had plans to start placing secure websites that are using HTTPS, higher in their search rankings. To check your sites security you can use our SSL Checker HERE.