HTTPS encryption: keeping websites safer for visitors

By Alex J | Friday, 23 December 2016

The average user visits around 130 pages a month, and there is no guarantee that all of them would be safe. In addition, there is a chance that most of them were lead to these sites through search engine results. To avoid leading users to these unsafe pages, Google thought of a way for people to minimise visiting these sites. The search engine giant recently announced that it would include encryption as one of the ranking factors. The company also plans to use its browser to notify users of unsecure HTTPS.

What does this update mean for webmasters?

Google implemented this update in their search engine back in 2014. The company will take it a step further with Chrome. Starting January 2017, the latest browser (Chrome 56) will start putting indicators before the HTTP URLs. The message Google is sending is that safety is a priority. This means that the search engine giant wants webmasters to also look out for visitors. But how does Google notify its users which sites are safe and unsafe? Beside each of the search results, one of three icons would appear. When a white page icon appears, that means the site is not secured with HTTPS. A green padlock shows up when Google deems it safe. Lastly, a red “x” signifies that there is something wrong with a site’s HTTPS.

What is the big deal with HTTPS encryption?

HTTPS is an HTTP protocol that is integrated with extra layers of SSL/TLS encryption. The added layer serves two purposes:

1.It verifies that visitors are communicating directly to the designated server.
2.It serves as confirmation that the server has received the visitor’s transmission.

This kind of system keeps passwords, credit card details, and messages safe from prying eyes. This secure method of exchange would not be possible without SSL certificates. There are several types and each one used for a specific function, namely:

Domain Validated Certificate

This is the cheapest of all the certificates. It validates (usually through email) when a domain is registered. Whoever has admin rights is informed and must then approve the request of the certificate. This kind of certificate should not be used for commercial purposes. It should only be used when security not that big of an issue.

Organisation Validated Certificates

This second type of SSL certificate is for validating domain ownership and other necessary organisation data (e.g. name, city, state, country). Similar to domain validated certificate, the validation could be conducted through email. The difference is organisation validated certificates require more documents for identification.

Extended Validation (EV) Certificates

This is widely considered as the most trusted type of SSL certificate. This is because it also validates the legal existence of a company. With some additional checks, the validation process takes longer because it has stricter guidelines. This is ideal for websites dealing with sensitive information, such as credit card details.

Aside from added security, there are other benefits with using SSL certificates. The right HTTPS protocol could actually minimise load time by 20 to 30%. So really, there is no reason not to get SSL certificates. With our help, you can pick the right certificate for your website. Click here to find to find out your SSL packages.