HTTP vs HTTPS: Encrypted Connections On The Rise

March 31st, 2016   |  

A couple of decades ago when the internet was still in its infancy, the first online shops were created. Consumers were learning that they could visit a website, shop for products, and submit their credit card information online to complete the purchase all from the comfort of their own home. Although the process sounded convenient, online shopping took a while to catch on. The public wasn’t ready to fork over their credit card information to a random page on a screen managed by “who knows who” at “who knows where”. It was a scary proposition!

We’ve come a long way. It’s almost difficult to imagine a time without online shopping. Today, the average consumer feels quite confident making a purchase via the internet. Many procedures, tools, and services have been made available since the early days to help consumers find reputable merchants and ensure that safe and secure transactions take place consistently. However as the internet continues to evolve, there is one long-standing protocol that is shifting from being “handy, but optional” to “highly recommended” for most professional websites: HTTPS.

What is HTTPS?

door-green-closed-lock_sm

You’ve definitely seen and experienced HTTPS if you’ve ever used PayPal, Amazon, or any other popular web merchant.

HTTPS stands for Hypertext Transfer Protocol Secure – take special note of the “secure” part here. Put simply, this is a more secure version of the standard HTTP protocol that manages the flow of data from a website to your browser. It typically uses either SSL (Secure Sockets Layer) or TLS (Transport Layer Security) to encrypt all communications.

Of these layers, SSL is far more commonly used on websites today especially during purchases or exchanges of personal information. Again, if you’re an online shopper you’ve probably seen this before. Ever noticed a padlock or a thick, green security bar at top of your browser’s address bar? That’s SSL in the works!

mg_newsletter_april_httpinfographic

With HTTPS/SSL, the website owner purchases a SSL certificate from a third-party vendor which contains a public key. Any website visitor coming to the site through HTTPS will first have that SSL certificate sent to their browser. A secure session will be initiated in which the public key (available to all visitors) and private key (hidden on the server) will establish a uniquely secure connection. All data is encrypted and users can rest easy knowing that any sensitive information they may need to distribute through the website is protected. HTTP vs HTTPS [Cheat Sheet]

Why should you care about using HTTPS / SSL on your site?

The first reason shouldn’t come as any surprise. As we mentioned in a previous article on network risks and VPN benefits, it’s fairly easy for hackers to intercept information about users’ internet sessions especially if they’re using a public Wi-Fi connection. This is definitely not a risk that you, as a respectable merchant or professional organization, want to put your site users through.

Keep in mind that experienced online purchasers are somewhat acquainted with the concept of HTTPS and SSL verification. When users see the little padlock or green bar at the top of the browser, your website immediately gains more credibility in their eyes. They suddenly feel safer transferring their personal information through your system because they know you’re using a secure connection.

hand-laptop-notebook-typing_sm

If your website doesn’t involve transactions or sensitive information, you may be thinking – “Gee, I guess I don’t need to worry about using HTTPS.” Don’t be so sure!

Google has been pushing for all websites to adopt HTTPS for a few years now. According to Moz.com, Google confirmed in 2014 that HTTPS sites could qualify for a slight SEO boost when matched against other sites using standard HTTP. Couple this with consumers’ growing demand for encryption and defense against hackers and you can count on HTTPS being an expectation by most, if not all, internet users in the coming years.

How do we know Google’s HTTPS advocacy is catching on? Google is actually tracking it quite carefully through a publicly available “HTTPS Transparency Report.” According to TechCrunch, the recent findings show that just over 75% of requests to Google’s servers are using encrypted connections. Just 2 years ago in early 2014, only about 50% of requests were using encrypted connections. It appears to be catching on fast! You can see the progression for yourself:

mg_newsletter_april_googlechart

Switching to HTTPS and SSL doesn’t have to be a huge hassle. We can help!

If you have an existing site on the web, you’re currently attracting (or hoping to eventually attract) several users each day, and you’re NOT using HTTPS . . . it’s time to consider making the switch.

This typically isn’t a time-intensive process, but it does involve some careful tweaks and error checking. The conversion process requires that all site elements are behaving properly, SEO optimization is preserved, and redirects are in place to make sure former HTTP requests are now pointed to HTTPS.

Media Genesis can assist with this process and handle the more delicate website and server adjustments. We can also help you register a SSL certificate from a third-party and properly install it on your hosting platform. If you’d like more information about converting your site from an open door to a secured, iron-locked gate send us an email at inquiry@mediaG.com or give us a call at 248-687-7888.

Posted in News.
Related Articles