Most of us have spent enough time online to notice some websites have “http” at the beginning of their URLs, while others use “http”. However, many people don’t understand the difference between the two. To make things simple, the S in HTTPS stands for Secure, and what we call SSL is a “Secure Sockets Layer.” The term SSL is still widely used to describe a critical aspect of web security, though you should note SSL has become insecure and has been superseded by the more secure Transport Layer Security, or TLS. This kind of cryptographic protocol is not only essential to the security of your website, but also has a major impact on your organic visibility, SEO, and website performance.
Why Does an SSL or TLS Matter?
SSL/TLS is the foundation for secure browsing; it protects users from sharing their sensitive personal information. A TLS Certificate is a small data file that digitally binds a cryptographic key to a website’s details. In layman’s terms, this certificate creates a secure, encrypted connection between your browser and a web server. This secure connection means the encrypted information can ONLY be opened and seen by the user and the website—preventing the connection from being hijacked or intercepted.
So why is this secure connection so important? Say, for example, a user visits an eCommerce website and they’re asked to submit personal information like their email address, mailing address, credit card information, or bank account number. What many people don’t realize is the information the user provides is passed from computer to computer before reaching its final destination. Without a TLS certificate, that sensitive information could potentially be acquired by any of the computers that it passes through. The TLS safeguards that personal information so it can only be seen at the final web server that the user sends information to.
This process makes TLS vitally important to the security of your websites and users. Not only does TLS protect user information by encrypting the connection, it also verifies you are actually connected to the right server (rather than a server that intercepted your traffic). In case the security of your entire website wasn’t enough, SSL/TLS also has a significant effect on your SEO ranking.
How Does an SSL or TLS Affect SEO Rankings?
Google and the other major search engines have coined a term called “trust factors” or “trust seals” that signify a website’s identity is authentic, the site is legitimate, and the site is not susceptible to data breaches. These “trust factors” can include badges from the Better Business Bureau, detailed privacy policies, and most importantly, SSL/TLS certificates. Sites that utilize these trust factors are more likely to receive higher quality scores and hence, better SEO rankings.
During the summer of 2014, Google explicitly stated websites would receive a ranking boost if they featured a TLS certificate. In addition, they provided the following “best practices” for getting started with TLS:
- Decide the kind of certificate you need: single, multi-domain, or wildcard certificate.
- Use 2048-bit key certificates.
- Use relative URLs for resources that reside on the same secure domain.
- Use protocol relative URLs for all other domains.
- Check out Google’s Site move article for more guidelines on how to change your website’s address.
- Allow indexing of your pages by search engines where possible. Avoid the noindex robots meta tag.
While the amount of ranking boost provided by implementing TLS is still unclear, we do know that Google can severely penalize unencrypted sites. And in January of 2017, Google announced any Chrome browser users would be warned before entering unencrypted websites. Since Chrome is the primary browser for over 55% of web traffic, this is something that should not be taken lightly.
If you fail to include SSL/TLS on your site, not only can your site be demoted in search engine rankings, your users are less likely to make purchases or interact with your webpages. According to SSL.com, implementing SSL/TLS securely can lead to dramatic improvement in a website’s conversion rate. And in contrast, lacking SSL/TLS protection can have negative effects on conversion rate.
Integrate TLS on Your Sites Immediately
In conclusion, SSL/TLS certificates are vital to any website, but especially important to the performance of online stores or eCommerce sites. Without encrypting your website, you are leaving yourself susceptible to malicious attackers, data breaches, and lost customers. Unencrypted websites are much less likely to rank well in search engines, and even less likely convert users into customers.
If you’re concerned about the security or performance of your website, contact ABT’s cybersecurity department, or continue reading the ten critical elements of a successful retail e-commerce website.