According to Google, the number of websites using HTTPS has doubled in the last 24 months. Personally, I still think that not enough websites made the transition, despite the numerous advantages of this protocol.
For those of you who are still skeptical about switching to HTTPS, I will give you 5 reasons that will potentially make you change your mind.
HTTP (or Hyper Text Transfer Protocol) is the method by which data is moved around the Web. As any protocol out there, it has both good and bad parts. On the plus side, it is fast and reliable. On the other side, the transmission is not protected.
HTTPS (or Hyper Text Transfer Protocol Secure) is the answer to the data protection issue. It does this by using an SSL (Secure Sockets Layer) Certificate. An SSL certificate contains both public and private encryption keys that are long strings of alphanumeric characters used to ensure the confidentiality, authenticity and consistency of information, thus making it ideal for protecting sensitive data. Let’s see how this will help your website.
When you use HTTPS for your website, the data that flows to/from the web server is encrypted using SSL/TLS. You know this by looking at the upper left corner of your URL bar and you see that it says HTTPS instead of the usual HTTP, and then you also see some kind of lock indicator showing that the connection is in fact secure (see picture below).
That lock doesn’t just show that the connection is encrypted, but it also shows that the certificate that was used in the encryption process is valid and was issued by a valid Certificate Authority (CA).
An example of website using HTTPS with a non-valid certificate (self-signed or expired) usually looks like the picture below (depending on the web browser that you use).
So, if your website exchanges sensitive information (eg. credit card info, passwords, personal data), using HTTPS is a must.
How can visitors trust that your site is really the one it claims to be? Imagine you’re a company that performs financial services. If you operated such a site, you would really want to ensure your customers that the information they are getting is genuinely yours and not someone else’s that impersonated you.
Take the stock market, for instance. When you buy/sell stock options, you want to make sure that you are trading with the right person/entity, and not some malicious hacker that might want to interfere with the transaction.
When you access a website that is being served via HTTPS, you are sure that the content you receive is coming from that website, because its owner verified that he/she controls the domain. This also depends on the certificate that the owner of the website chooses to buy (these usually come more expensive).
3. Data integrity
How many times have you accessed a site on an open network (eg. hotel) and got unexpected ads? Data integrity means that the data that is in transit between you and the website has not been tampered with.
SSL/TLS protects the integrity of your website by helping to prevent intruders tampering with communications between the site and the visitors browsing (a common tactic here is injecting malware) as well as safeguarding privacy and security.
Only by using HTTPS can you guarantee that someone is not altering how your content is received by your users.
4. SEO boost
In August 2014, Google announced that websites served over HTTPS will be given a slight ranking boost. They aim to promote the pages that are best for the user, and one protecting the user’s privacy using HTTPS is much better than one that isn’t.
According to Search Engine Land, this gives websites a small ranking benefit, only counting as a “very lightweight signal” within the overall ranking algorithm. In fact, Google said this carries “less weight than other signals such as high-quality content”. They also claimed that it will have an impact on “fewer than 1% of global queries” but said they “may decide to strengthen” the signal because they want to “encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web”.
So, if you want to rank higher on Google and not lose customers, then you should switch to HTTPS right away.
5. Greater level of customer trust and sales
While several years ago it was important to have HTTPS enabled only on checkout pages for e-commerce websites, today data privacy has become a central issue in the digital world. As public awareness of the above factors grow, customers will become increasingly reticent to visit an HTTP website.
Using HTTPS can ensure a greater level of trust among your website visitors that they are not at risk of compromising their passwords or credit card numbers or simply revealing their browsing history. It proves them that you take their security seriously which instantly helps to promote yourself as trustworthy and professional.
While the number of websites that use HTTPS increases every day, the transition still remains very slow. It may be because of insecure third parties, costs or other legacy reasons that render the switch painful, but webmasters must understand the importance of security for their business.