HTTPS Protocol: Is Your Website Security Turning Customers Away?

HTTPS warning

When you run a business, it is up to you to keep the leads coming and the customer pipeline full. For many enterprise-level companies, a useful and intuitive website is at the center of their business model. But changes to the way Google and other search engines handle protocol security could mean that your website is actually turning customers away before they even load the homepage.

Website Security Protocol and HTTPS

You’ve seen it every time you open a browser or go to a website: the Hypertext Transfer Protocol is the http:// that comes before every URL. This protocol is the set of instructions a browser uses to transmit and receive data from a website. Think of it like the money-handling policies at your company. HTTP tells the website what information to take, where to send it, and what security measures to take to protect the currency (information) that is received.

Increasingly, HTTP is being replaced by HTTPS, which stands for "HyperText Transport Protocol Secure." The difference between HTTP and HTTPS is a matter of website security. With HTTP, data is collected and transferred in an unsecured way. If someone happened to be eavesdropping on (hacking) a particular internet connection, he or she could intercept the data as it based from user to server and read it. Under HTTPS, all data is encrypted prior to transfer. That means anyone listening in won’t be able to understand the data received.

Google Automatically Warns Users When Web Security is Missing

Originally, this extra level of security was used by banks, merchant service companies, financial institutions, and other websites that collected and stored private user data. It was designed to protect the users’ financial records and other important details against identity theft.

However, in recent years website security has become more of a concern for everyday users. In response to this, in 2018, Google Chrome began alerting users when they navigated to unsecure webpages. The address bar at top of the browser (called the Omnibox) now shows an icon indicating a website is “Not secure”. In some cases, the warning gets even more aggressive, turning red and creating a pop-up full-page warning that user data is not fully protected on the site. Since more than 50% of all Internet browsers worldwide are Chrome, that creates a big problem for business owners using their website to drive their company’s bottom line.

“Not Secure” Warnings Drive Away Potential Customers

If you receive customer credit card payments or other confidential data directly on your site, that “not secure” warning is a problem. It means your customers’ data could easily be intercepted and misused. By not using HTTPS, you are putting your client and your company at risk.

However, even if you direct users to a third-party site (like PayPal) to make their payments, the “Not Secure” warning could still be hurting your business. Most users do not understand what HTTPS is, or what it means. When they see a site is “not secure”, they may turn back for fear of malware. They may not wait to see whether the site even requests consumer data. Instead they click away quickly, negatively impacting your company’s bounce rate, advertising ROI, SEO, and ultimately your bottom line.

How to Get HTTPS on Your Website

The good news is it is now relatively simple to implement HTTPS on most websites. Some hosting sites offer secure certifications free or at low cost. Implementing the secure protocol could a simple process, especially when weighed against the loss of potential business.

However, if your company integrates its website into its day-to-day practices, gaining the “Secure” Chrome seal of approval could be more complicated. If any part of your web-based employee interface of customer portal does not have the proper security, your entire website could be flagged as “Not Secure”. Don’t take the risk. Contact the website consultants at Provisio Technology Solutions today to review your options and get your business back in the green when it comes to web security.