Yes. Google is punishing websites without SSL certificates. Not only will not having SSL certificates mark you down in the search rankings. Google’s approach will negatively impact your trust rating with Internet users. Therefore, if your website does not have SSL certificates, take the necessary steps to get them as soon as you can.
The question is “Why?”
What Are SSL Certificates?
SSL is the acronym for Secure Sockets Layer. This is a program that encrypts data that is transmitted between a browser and a web server. When you submit information on a website, it will pass through different networks and servers before arriving at its destination point.
While your data is being transferred through the Internet, it can be intercepted by unscrupulous third parties. Having SSL certificates will let the recipient of the data know that the sender is a verified party.
Websites that have SSL Certificates will have the acronym HTTPS before their URL. HTTPS stands for HyperText Transfer Protocol Security. For Internet users, the “S” in “HTTPS” will tell them the website is secure.
In contrast, the standard URL that does not have SSL Certificates will be accommodated by the acronym HTTP.
We have written extensively about SSL in our articles “SSL: What It Is And Why Your Business Needs It” and “SSL Basics: Why You Need It To Protect Your Business From Hackers”. If you want to learn more about SSL, please take some time to read those highly-informative articles.
It used to be that SSL Certificates were recommended only for e-commerce sites and other websites which collected sensitive information from its users.
These types of sensitive information included numbers of credit cards, social security, driver’s license, bank accounts, and personal information such as birth dates, residential and email addresses.
With data theft and other cyber-criminal acts rising, Google wanted proprietors of e-commerce to prioritize getting SSL certificates for their websites.
In 2014, Google even tried to incentivize Web Masters to get SSL Certificates by including it as a ranking factor in its search algorithm. However, that did not seem to encourage enough websites to secure their data. Now, they have forced Google’s mighty hand.
Effective last July 2018, all websites that do not have SSL Certificates will be marked “Not Secure” by Google.
All websites. This means even websites that are not engaged in e-commerce or collect sensitive data are required to get SSL Certificates.
Why Google Demands SSL Certificates For Websites In Its Search Rankings
It is no secret that Google has always been big on User Experience (UX). From 2015’s “Mobilegeddon”, where Google required websites to become mobile-responsive to its guidelines on producing high-quality content, it is clear the search engine giant wants its users to have an amazing search experience.
Therefore, Google’s demand that all websites obtain SSL Certificates is an obvious next step to further improving UX.
Google has always clamored that the Internet should be a safe place for people to use. Especially in view of 2017 becoming a banner year for cyber-crime, Google wants all data traveling on the Internet to be secured. One of the best ways to secure data is through encryption.
Prior to the directive, websites that only had HTTP were identified with an icon of a white page. Web pages which obtained SSL Certificates had an icon of a padlock with a green lock to inform visitors that the site is secure. If there is something wrong with the HTTPS page, the visitor will see an icon of a padlock with a red letter “X” over it.
In its security blog dated 8 September 2016, Google shared its opinion that the current classification system did not reflect the actual risks of visiting HTTP websites. For this reason, Google decided to take its security campaign to the next level by having websites without SSL Certificates marked “Not Secure”.
According to Google, labeling websites without SSL Certificates as “Not Secure” is just the first step in its campaign to raise awareness of the importance of data security.
Newer versions of Chrome will mark websites as “Not Secure” even when you are browsing in “Incognito Mode”. Eventually, Google will identify all HTTP-only websites with an icon of a red triangle, the universally-recognized sign for “warning”.
Should You Get SSL Certificates For Your Website?
As the famous saying goes, “When Google sneezes, everyone catches a cold.” If Google requires all websites to get SSL Certificates, then yes, you should get them for your website.
The big question you might be asking is “Will not having SSL Certificates lower my website’s search rankings?”
The best way to answer this question is to simply state that as far back as 2014, Google mentioned that having SSL Certificates will be a ranking factor.
Given the fact that Google’s present directive is all-encompassing in that all websites should have SSL Certificates, it only signifies that transitioning from HTTP to HTTPS has become a priority factor in its search ranking algorithm.
Another reason why you should consider obtaining SSL Certificates is that it helps foster trust with your customers/ users.
Even if your website does not collect sensitive data, the idea of dealing with a site that is “Not Secure” will be unsettling with the visitor. For sure, he/she will have second thoughts. The probability of visitors abandoning your website will be much greater if it is labeled “Not Secure”.
If you’re still on the fence about getting SSL Certificates for your website, you should know that shifting from HTTP to HTTPS will improve your page loading speed.
According to the page loading speed test, HTTPS pages load 334% faster than HTTP pages. Keep in mind that page loading speed is a ranking factor in Google’s search algorithm.
For the reasons that obtaining SSL Certificates for your website will present the following benefits:
- Adds another layer of protection through encryption of data
- Higher search rankings
- Higher trust ratings from users
- Builds your business brand
- Improves website speed
Then you should take the necessary steps to shift from HTTP to HTTPS as soon as you can.
Conclusion
Google estimates that 50% of websites that load via desktop have SSL Certificates which is an all-time high. Many of the top ranking sites on Google such as Facebook, Amazon, Wikipedia, and Twitter are using HTTPS.
When Google first announced its decision to penalize websites without SSL Certificates in 2017, high-ranking, high-traffic websites like eBay, Microsoft, and CNN maintained their HTTP status.
As of the latest Google Transparency Report, these websites along with many others have complied and have shifted to HTTPS.
If you are thinking of getting SSL Certificates for your website, let us know. We can get this done for you. To be sure, drop us an email or better yet, give us a call. We’ll take you through the entire process of acquiring SSL Certificates.