Google plans to highlight websites that are not encrypted as part of its campaign to improve browser security.
HTTPS encrypts the data sent to and received from users protecting it with an unbreakable SSL (Secure Sockets Layer) certificate. This certificate not only adds an extra layer of protection against hackers and anything that may intercept, but ensures that the user is really connecting to the right site and not an imposter. HTTPS ensures that malicious third parties cannot hijack connections or insert malware.
Chrome displays an icon immediately to the left of the URL which changes depending if the site is HTTP or HTTPS. Currently, if a site is unencrypted it is marked with a white page icon, whilst a secure site is marked with a green padlock. Google plans to flag sites that aren’t served over HTTPS by showing the padlock marked with a red X. This change will draw even more attention to websites that are potentially unsecure.
Google are not alone in this movement, Mozilla and Apple have both indicated that they feel more web encryption is necessary. The move may seem extreme, but it is becoming more and more crucial to protect your data and your customer’s data.
When the change will roll out to the public is still unconfirmed, but our advice is to take action now to avoid being flagged as unsecure. If you want to see how it will look you can switch it on by going to chrome://flags and then finding ‘mark non-secure as’ and selecting ‘mark non-secure origins as non-secure’.
If you have questions or concerns on how this may affect you, please get in touch with our team.