HTTPS is a secure web protocol commonly used by e-commerce websites to provide secure transactions for its users. Google has been actively advertising to website owners to convert to HTTPS, and has been rewarding secure URLs with a minor SEO boost. This helps website rank higher in Google.
HTTPS does confer with Google’s metrics, but it mainly provides users and your business with security for any confidential transactions you conduct over your website. Do you have a form on your website that collects Name, Address, Email Address? Would you feel secure if your site was to be hacked and all the data leaked?
Google wants to provide users with a secure and beneficial web experience so encouraging website owners to switch to HTTPS is obvious.
What is HTTP?
Hypertext Transfer Protocol (http) is an application layer protocol designed to transfer and receive information over the Internet. An application transfer protocol presents how information is displayed to a user and does not discriminate how information is transferred from one source to another. HTTP is most commonly used to retrieve HTML text and other site resources.
HTTP is considered “stateless,” and does not retrieve or store information from previous browsing sessions. The benefits of using HTTP equate to faster load times and better information display. Websites that do not host confidential financial or user information use HTTP. Unfortunately, HTTP is not secure and are always at risk of data breach from third parties.
HTTP + SSL
Websites began switching to the HTTPS client to conduct secure transactions and authorizations with its users. HTTPS is the same as HTTP, but with a layer of security attached. HTTPS comes equipped with Secure Sockets Layer (SSL) to monitor and transfer data safely between two points, which is why search engines prefer HTTPS clients. Nicknamed “Secure HTTP,” HTTPS is commonly used by banks, e-commerce websites, and any website that conducts financial and personal transactions.
In 2014, Google announced that websites equipped with the HTTPS client would receive a minor rankings boost over websites with HTTP. This is a merely a soft signal for Google. If two websites were presented with the same technical specifications and content relevance, Google would rank webpages with the HTTPS client over a website using HTTP. This could become a stronger signal in the future.
Login Not Secure
The release of Chrome 57 will give users in-form security warnings at the bottom of any form fields on sites that still run the HTTP client. In early 2017, Chrome also gave users a “Not Secure” warning for any HTTP websites that asked for login or credit card information. Imagine how users will perceive conducting a credit card transfer on your website when their browser is telling them it’s not secure.
Traffic passing through your HTTPS server are preserved as secure referral sources. Traditionally, when using analytics software, traffic passing through an HTTP server appeared as direct traffic.
With Google’s new mobile index, it is encouraging websites to convert to HTTPS and it could have a larger impact on rankings than desktop searches. In order to convert webpages to AMP, Google requires websites to be equipped with SSL, which could have a dramatic effect on organic mobile rankings.
HTTPS ensures that your website is the correct site the server is supposed to be talking to. HTTPS also encrypts all user data, including financial information and browsing history, and protects against third party breaches.
Most browsers support HTTP/2, which provides browser enhancements over standard HTTP. When HTTPS is enabled, users will experience faster browsing speeds, as well as data encryption. Major improvements to TSL (Transport Layer Security) have made encryption more streamlined and adds negligible CPU load to servers supporting HTTPS.
Establishing an HTTPS connection is valued by Google and adds a necessary layer of security for users and your business. Browsers are now evolving to handle HTTPS connections at improved load speeds and many third party websites are available to help establish the best HTTPS connection available. By all evidence, HTTPS will be the future for web clients and prolonging the inevitable will surely harm your SEO campaign in the long-run.