Cyber security is a serious business. Nowadays we share so much of our private information online that, whether we’re sending an email or online banking, it’s never been as important to know that the page we’re on is secure. The first sign of this is often indicated by that glorious green padlock in the address bar, but what about when a page isn’t secure – would you notice? There are some changes afoot in browsers that will help you find out how secure you are, and there are some steps you can take to make sure that your customers know your site is secure too.
January, the longest, grayest month, is finally done. And ,while it may be a month we’re glad to see the back of, it has left us with a decent legacy – improvements to online security.
As of yesterday, both Firefox version 51 and Chrome version 56 will start showing warnings when websites served via HTTP – i.e. ones that aren’t using the secure HTTPS version – have a form on them. In English – they’ll actively notify you when they aren’t secure but are asking for your information. The warning will show next to the URL address bar and is part of a long-term plan to show a warning on all pages that aren’t secured with HTTPS.
Until now, when you visited a website using HTTPS you would see a green padlock in the top left of the address bar, but the changes mean it will actually say when web pages collect passwords but don’t use HTTPS, flashing up with a ‘connection is not secure’ warning.
That’s why it’s the perfect time to make sure that you’re giving visitors to your website a green light too with an SSL certificate.
SSL certificates encrypt information between the browser and web server, preventing any man-in-the-middle style attacks by keeping any data sent between a user and a website secure. They are essential if you have an online store, process credit card details or have any kind of user login, especially if it accesses personal information.
Nowadays users expect an SSL on these types of websites – we’ve all been about to input card details on a site and paused to scan for the green padlock in the URL bar…and then gone elsewhere if we’re unsure. It’s just not worth the risk.
EV (Extended Validation) certificates turn the URL bar green and show your company name, which gives your visitors extra visibility and assurance that you’re a genuine company with a secure, safe website, all of which helps to improve website conversions.
The key advantages of paying for an SSL certificate are that they are long-term, industry-trusted Certificate Authorities and can be valid for up to three years. There are various types to fit all situations (multi-domain/wildcard/single site/EV) and your company details will be embedded into the certificate to build trust. Plus, it’ll give you that all-important green address bar, and is supported for almost all software and systems.
There are some free certificates out there, which aren’t going to give you the same range of options – and often won’t give you the green address bar – but can be a good middle option if you’re looking for a free option in the interim.
Ultimately it’s down to you, but you really do get what you pay for. As more internet users are becoming aware of the importance of securing their data, make sure you’re not giving them a red light for your site.