Google started warning the world back in 2014 about its plan to ensure the protection of information shared on websites. Everything began when one of the members of the Chrome Security Team sent out a proposal to mark all HTTP websites as “Not secure”. Now, this is a reality.
From October 1st, Chrome will show the ‘Not secure’ warning in two additional situations: when visitors enter data on an HTTP page, and on all HTTP pages visited in Incognito mode.
So what does this mean? Property managers and their website administrators should take the necessary action to ensure visitors to their website will continue to feel “safe”. Failure to do so through inaction is the same as scaring many of them away. Especially since nearly 60% of all web users use Chrome as their browser. In every website served over HTTP the data exchanged between the site’s server and the user is in the open. Basically, anyone with the ability to snoop on the connection, be it a hacker at a public place or a repressive government, could steal passwords or other sensitive information.
To help users browse the web safely, Chrome indicates connection security with an icon in the address bar:
Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The ‘S’ at the end of HTTPS stands for ‘Secure’. It means all communications between your browser and the website are encrypted. HTTPS is often used to protect highly confidential online transactions like online banking and online shopping. As a result, the user information stays private, avoiding the risk of hackers stealing your details.
Why is this important for my vacation rental business?
For a couple of (very important) reasons. Now site visitors will be notified that they are surfing a “Not Secure” website and be concerned about potential risks, whether they understand those risks or not. If you’re working with sensitive customer information, whether that’s credit card details or login credentials, HTTPS is a good way to reassure people that your site is secure.
For e-commerce sites that accept credit cards MUST use an SSL certificate this is not an option. To comply with audit requirements, they must prove they use encryption of customer financial data. E-commerce sites cannot operate legitimately without an SSL certificate unless they go through a third-party payment processor such as Paypal. In such cases, companies such as Paypal, accept responsibility for the handling of customer financial information and hold the required certificates.
On the other hand, Google announced that using SSL encryption will give sites a ranking boost within Google’s search engine. All in all, if you’re expecting to get a significant amount of search traffic in the next few years, you should plan on switching to HTTPS. As a result, better rankings can lead to more traffic. The more people see your site, the more visitors you’ll get.
The emails that went out few weeks ago had the subject line, “Chrome will show security warnings for”. It explained where HTTPS changes are needed and provided more details on how to implement. Here is a copy of one of those notifications:
It’s nearly October and Google will start implementing this security measure soon. Be proactive and act now!