"What do you mean, 'Not Secure,' Google Chrome?"
As you browse websites online, especially on Chrome web browsers, you may be alerted that the website you’re looking at is not secure. “Not secure? How can a website not be secure?” In this piece, we’re going to answer some frequently asked questions related to SSL certification and how it can impact your online experience.
“What does SSL stand for?”
The acronym “SSL” stands for “Secure Sockets Layer.” The term is referencing certain cybersecurity protocols in relation to how information is handled on a particular website. An SSL Certificate is a form of proof that the website you’re visiting has a level of encryption in place for data collected on the site.
Data encryption is a security measure that makes the information you submit safer from third-party data gathering and tampering. To put it in another way, you wouldn’t want to talk to someone on a telephone line where nefarious parties could be listening in on the call. Data encryption would, by comparison, make the conversation only comprehensible to the parties on either end. An SSL Certificate is a form of proof that such security measures are in place.
“Is it dangerous to visit websites without an SSL certificate?”
If you’re worried that hackers and online thieves can somehow pry into your computer just by visiting a website without an SSL certificate, find some relief in knowing that’s not how an SSL certificate works. Visiting a website for research purposes without an SSL Certificate is not inherently dangerous. The riskiest aspect of visiting a non-SSL website is if you are submitting sensitive data such as credit card information or personal details to such websites. Because of a lack of encryption, the website may not be able to guarantee that your data was not intercepted on the way to its intended destination.
“How can you tell if a website has SSL certification or not?”
For the most part, the majority of internet users don’t know a lot about what’s happening under the hood of the website they’re visiting. While this is true, there are fairly clear indicators for determining if a website is secure or not. One easy method is by looking at the web address, also known as the URL (Uniform Resource Locater).
Just before where the “www” is placed, there is an “http…” section. If a website URL simply has an “http://”, the website probably does not have an SSL certificate that covers the entire website. If the website’s URL has an “s” after the “p”, as in “https://”, the website most likely has SSL certification.
There are some websites that may only have an “https://” for certain pages, such as for where you may fill out a data form. Others may have a link to an “http://” website but may redirect you to an “https://” website for security reasons.
Another handy way to tell if a website has an SSL is by using a Chrome web browser. In July of 2018, the Chrome web browser installed a new feature that will say “Secure” or “Not secure” before the URL of any website in the top bar.
“In addition to security, what else is impacted by not having SSL certification?”
Even more than just web security, not having an SSL certification may impact the search engine ranking of a website. The main selling proposition of search engines is serving up the very best websites for search engine users. More than just matching keywords, search engines also take a variety of website specifications into consideration when delivering search engine results including content relevant to your search, ease of navigation, site speed, and yes, website security.
This doesn’t mean that a website without an SSL certificate won’t rank at all, but simply that search engines such as Google have said they prefer to list websites with SSL certification for the safety of their users’ data over websites that do not. Whether you’re a webmaster or a casual peruser of the internet, it pays to be aware of the security of the websites where you submit information.