Head of Digital
Posted on February 10, 2017
For websites that don’t process sensitive information SSL has often been seen as a ‘nice to have’ feature, used to convey authenticity and boost Google rankings. However with recent changes to Google Chrome, this is all set to change.
Starting this month Google Chrome will show an ‘insecure’ warning when a visitor views a webpage containing a form with a password field. As this stands this should not be a huge surprise, as any website which requires visitors to login should be secured with an SSL certificate. However, it is widely expected that this feature will be further developed to show the warning when viewing any webpage with a form, and eventually any webpage which is not secured with SSL.
The problem for financial websites
Even for financial websites that do not process sensitive data, this is a problem that needs to be addressed. Marketing as a whole, but particularly financial marketing relies on trust. When a visitor sees a warning that a website is insecure, this trust is damaged. The figure below shows how the message currently appears (this may become more prominent over time).
Will a free solution suffice?
Supported by large companies such as Google, there has been a drive towards the use of free SSL certificates (such as https://letsencrypt.org/). Whilst this may sound tempting, it is important to understand the browsers and devices that visitors to your website are using. Free SSL certificates are not compatible with certain browsers, for example Internet Explorer 8 and below. When these visitors view your website they will see an error, further damaging trust in your website.
Our recommended solution
The problem with free SSL certificates is that they are free. Spammers and less reputable websites can now appear more legitimate and trustworthy. Because of this, it is possible that web browsers will start discriminating between free and paid SSL certificates. So a better long-term solution is to use commercial offerings, which offer 99% browser compatibility and should be protected against any future discrimination against free certificates.
We’re recommending that all of our customers install an SSL certificate as a matter of urgency, so speak to your hosting provider and request a commercial grade SSL certificate for your website – you might even get some higher search rankings as a result!