Chrome update and the SSL Problem

Google Chrome may be showing your site as ‘unsecure’ in the address bar next to the URL, following a recent update in January 2017. This followed a prior similar update in October 2016. This update could be a problem to your e-commerce site, hampering sales and causing retention issues . Why? Read on on to find out…

Google Chrome is the most widely used desktop browser.

There are three current states of the security indicator:

  • Lock Secure
  • Info Info or ‘Not secure’
  • Warning Not secure or Dangerous

Why is this a problem for your e-commerce website?

If you aren’t using SSL across the entire site, but you have a login form present anywhere on your website template, visitors will see the following on every page :

Clicking on the icon or message then tells you that the site isn’t secure, and you should’t enter any information including credit cards. This would be correct if they were seeing it whilst at your checkout pages, but it appears on any page that uses the login form, including your homepage . As Chrome is the browser of choice now above IE and Edge, this change is most likely costing you sales in 2017 without you even realising.

Even though you may be serving your checkout pages as https secure, Chrome will still tell your visitors that they shouldn’t be entering any details into your site when viewing other pages. Once they see this (rather poorly worded) message, they will most likely leave.

Why don’t we just remove the login form?

This is the first thing you should do (serving it via https wont work). But will it solve the problem? Let’s see.

The ‘not secure’ message has gone, but there’s still that ‘i’ icon there. Click that, and again, you’re told that you shouldn’t enter any details or credit card information. Chrome is still saying your site is not secure to anyone who sees or clicks that icon. This is of course incorrect if you’re using SSL for your checkout pages.

So, our checkout uses SSL, our credit card section is secure. That’s enough, right?

Not to remove the icon or the message, no. Not in the eyes of Chrome. The *only* way to fix this is by going fully SSL (https) across your entire site. Only then will you see the following on your homepage and other pages.

 

Well, its not too bad, we can live with the little ‘i’ icon. I’d be surprised if visitors see it.

You’re probably right, most won’t see it, and even less will know what it is. But, at some point in the very near future on an upcoming release of Chrome, Google will be rolling out another update that replaces the ‘i’ icon with the first ‘not secure’ icon and message above, regardless of whether you’re using a form or not.

So, what do we do to keep our visitors happy and our sales on target?

Pur simply, you switch to full SSL across your entire site.  You have no choice any more if you wish to retain visitors and sales.

This is all part of Googles push to get us all to switch to SSL on a site wide basis, which is of course absurd and unnecessary. In recent times, google tried to convince us that using https will give a ranking boost. It never did.

How do we switch the entire site to https?

The answer to that is ‘very carefully’. Don’t rely on your web designer or developer to do this, or try it alone. It needs careful SEO implementation, and testing.

To find out more, contact us on the below form or call 01283 617140.

By |2017-03-17T14:10:17+00:00February 27th, 2017|SEO|0 Comments