How Google warns about unsecure website pagesPosted on - 6th Mar, 2018 |
Google actively encourages website owners to implement SSL certificates on their websites. SSL allows the websites to be accessed over HTTPS protocol, which encrypts the information sent between the web server and the user.
Google gives an SEO boost to the websites that have an SSL certificate – they first confirmed this as a ranking signal in 2014. A few months ago, Google started to blacklist the non-secure sites (HTTP) which required password fields and credit card forms to be filled in by customers.
A few months ago Google Chrome launched their latest version and if you belong to a non-secure website, it provides a warning in the address bar.
How it impacts you?
The pages within your website will be flagged as not secure – this affects your rankings in Google. This will also impact traffic to your website; people will leave your website within a few seconds once they realise that your website is not secured for leaving personal information.
This can have a massive impact on enquiries and orders.
SSL Certificate Types
There are 3 types of certificates available:
1. Domain Validated
The certificate verification is made by issuing certificate authority (CA). They verify a contact on the domain to approve the request. We no need to submit any documents based on your company.
Usually the approval is done by email, or via the telephone or via any alternative methods.
This is a kind of certificate that verifies for phishing and man in the middle attacks.
When visitors see a little padlock symbol in the address bar of the browser – you will not see any information about the business owner.
2. Organisation Validated
It requires the issuing authority to confirm the business making the request is legitimate and registered. You can also see your company information in the certificate, once you clear the verification.
It also displayed some information to the customers when they click the secure seal icon – it tells them who is behind the site and in turn gives enhanced trust in the website.
Normally this takes about 2 days to issue.
When visitors click on the green padlock symbol in the address bar of the browser – they can see the business name is listed.
3. Extended Validation
It usually requires more documentation that you need to submit to a certificate authority.
- They verify your business ownership
- They will ask you to submit certain business documents
- They will ask for company and ownership details
These details can be seen in the certificate. Extended Validation (EV) guidelines are strict and require steps that the certifying authority must do before issuing,
- Verify the physical, legal and entire operational existence
- Verify the entity is properly authorised before the issuance of an EV certificate
- Verifies that the identity matches the official records
- Also verifies the entity has exclusive rights to use the domain specified in the certificate
Once everything is validated, visitors can see the business inside the address bar itself (in addition to clicking the lock icon).
It takes normally 10 days to issue.
Whether your website is affected?
A few questions to ask,
- Does your website have HTTP in your address bar?
- Your website has input text such as login details, contact forms, and search bars etc.
If your answer is “yes” then you need to implement an SSL to avoid non-secure warnings in the visitors’ browsers.
GDPR – General Data Protection Regulations – It is a new law that is going to affect the UK business from 25th May 2018 onwards. GDPR states you need to act to get your website safe and secure with HTTPS.
If your website is hosted by e4k Digital Agency, we will call you shortly to discuss about the certification. If you have any questions, leave a mail to email@example.com or call us direct on – 0121 66 66 534.