Hyper Text Transfer Protocol Secure
Hyper Text Transfer Protocol Secure, known commonly as HTTPS, is the secure version of HTTP. In order to be classified as secure, a website must procure an SSL certificate which garners the HTTPS designation. This certificate ensures a secure connection, particularly for those sites that transfer sensitive information, such as credit card info or passwords. Thanks in large part to the growing popularity of HTTPS as well as a new iteration of Chrome (56) that will more clearly differentiate between HTTP and HTTPS, a looming question on a lot of people’s minds is, “Does HTTPS affect search engine optimization?”
The answer to that question is not totally clear or decisive at the present moment.
One thing is for sure, though: HTTPS seems to be the way of the future regardless of its impact on search engine ranking.
Google’s HTTPS Plan for January 2017
Google recently announced that by the end of January 2017, Chrome will begin explicitly labeling all HTTP connections that have credit card or password fields as ‘non-secure’.
In the past, Chrome hasn’t labeled any connections as outright non-secure. Chrome 56, the latest iteration of the popular browser, might just flip that script come February. Instead of simply omitting the little green “Secure” designation (pictured below), the browser will display a red “Non-Secure” addendum that will signify to the end user that the site doesn’t have the same level of security as sites with SSL certification.
As with other major changes that Google has rolled out in the past, this change will come incrementally, and the standards will become more stringent over time to ease businesses and consumers through the transition as painlessly as possible. Their end goal is to make the internet a more secure place for everyone involved.
How Does HTTPS Keep Connections Secure?
In a discussion of HTTPS versus HTTP, it’s impossible not to touch on SSL (Secure Sockets Layer) certification. We just briefly mentioned it in the above section, but it absolutely bears a more thorough explanation.
During a secure session, the SSL certificate enacts a sort of chain reaction that starts with an ‘SSL handshake’. This handshake establishes a unique, secure connection between the browser and the website itself. By comparison, sites that are simply HTTP communicate with the respective browsers in ‘plain text’, thus making it incredibly easy for hackers to intercept and read all communications between the site and the browser. That’s precisely how identities are compromised via HTTP sites.
Due to countless identity fraud cases and scares all around the world, secure web browsing has swept the web over the past couple of years. Today, more than half of the pages on the internet are viewed over HTTPS, and the average internet user spends upwards of 67% of their time on HTTPS pages.
Does HTTPS Affect Search Engine Ranking?
In short, yes. To elaborate on this answer, it’s important to note that the algorithms that determine search engine rankings change all the time; they are constantly evolving to keep up with the changing nature of the internet.
Because HTTPS is relatively new on the scene (first proliferated during the early 2010’s), the designation doesn’t majorly affect a site’s ranking.
There is a correlation, however, between top-ranking sites and those that are HTTPS. Among the list of page-level, keyword agnostic features, HTTPS ranks within the top ten, which includes:
- Total number of links
- Hreflang declaration
- Number of internal links
- Number of stripped chars in doc body
- Number of external links
- Whether or not a page uses Google Analytics
- If the site is HTTPS
Of course, correlation doesn’t necessarily mean causation. There are several factors that go into search engine ranking. That said, at this point, it’s hard to deny that secure connection has an effect.
Is it Time to Switch to HTTPS?
Beyond the way it affects search engine ranking, HTTPS also signals to end users that their information is well taken care of on a given site.
With the implementation of the new ‘non-secure’ designations come February 2017, it will become more and more evident to online consumers which sites are to be trusted—and which aren’t so trustworthy.
If you’re wondering whether or not it’s time to switch over to HTTPs, there are a couple of crucial questions you need to be asking yourself.
First of all: do you want to be seen as a secure site? Once all of the Chrome-HTTPS changes have been rolled out, anyone who clicks on your site will instantaneously be alerted to your status one way or the other. And it’s not just Chrome that you may have to worry about. Other major browsers are likely to follow suit in the near future.
Secondly, do you want to provide that extra level of security for your customers or potential customers? Few things dissuade consumers from entering their credit card information quite like the idea that a site is ‘non-secure’.
Lastly, do you want to positively impact your site’s search engine ranking? Though the correlation is slight, it’s real and will likely increase over time as more and more sites adopt the certification. It will eventually (probably) become a basic necessity for websites to be certified secure. Search engine optimization experts tend to agree that, in the future, sites that don’t have the HTTPS certification will be perceived as broken or outdated.
A minor deterrent for some site-runners right now is the cost. In most cases, however, the cost of switching is minimal—somewhere between $500 and $1200, and those costs are on a steady decline. Looking at the bigger picture, switching to HTTPS is almost a no-brainer.
HTTPS does affect search engine optimization (SEO). At this moment in time, the effect is minimal (though positively correlated). That effect is poised to become greater with the changes that Chrome is planning to roll out in 2017.
Regardless, to be on the safe side—quite literally—it might just be time to switch to HTTPS, not just for the SEO benefits, but also for the added security it promises on both sides of the equation.
Especially if your site requires registration with a password or accepts sensitive information like credit card numbers, now is definitely the time to switch to HTTPS.