Millions of people surf the Internet every day. Cyber dangers lurk everywhere. The development teams of the various Internet browser providers are therefore constantly working on optimizing the user experience. In a message at the end of last year, the Google Chrome security team announced some changes from January 2017.
So that users can safely navigate the Internet, Chrome shows secure connections with an icon in the address bar. So far, the browser has not explicitly marked HTTP connections as non-secure. That should change now! As of January 2017, Chrome will classify HTTP pages that collect passwords or credit card information as “unsafe”. These data are particularly sensitive and require special care. In the long term, all HTTP pages should even be marked as “not secure”.
This is how websites that request passwords and credit card information are identified:
To explain: HTTP (Hypertext Transfer Protocol) is a stateless protocol for the transmission of data. It is mainly used to load web pages (so-called hypertext documents) from the World Wide Web into a web browser such as Google Chrome. HTTPS is a supplement: the data is transmitted in encrypted form here.
How is Google Chrome doing so far?
Chrome currently indexes HTTP connections neutrally. But that doesn’t make it clear how insecure HTTP connections actually are. When a web page is loaded via HTTP, someone else on the network can view or change the page before you see the web page yourself.
A considerable number of websites now use HTTPS – and the trend is rising. A milestone was reached when more than half of all web pages loaded in Chrome were connected via HTTPS. Studies have shown that most users do not see the lack of the safety icon as a danger and often even hide warnings entirely.
Google’s plan to classify HTTP websites more clearly and explicitly as “not secure” is gradually being implemented – based on strict criteria.
What does the future hold?
With further updates, the warnings will be even clearer, for example by marking HTTP pages accessed in incognito mode as “not secure”. Here in particular, users have high expectations with regard to their privacy. The big plan of the Google Chrome team is to finally mark all HTTP pages as “not secure” and convert the security indicator into the red warning triangle that has been used so far for defective HTTPS connections.
The label would look something like this:
Google will release more information on the subject the closer it gets to the release of further browser updates. But website owners shouldn’t hesitate to switch to HTTPS. It is cheaper and easier than ever and enables both optimal website performance and additional features that do not work with HTTP. For Google, the use of HTTPS is also a ranking factor – it has a direct influence on the position of the website in the search engine.