Vend E-commerce – SSL, security, and Google
There are some huge changes coming in 2018 that business owners, developers, and website administrators need to be aware of, especially those who run E-commerce websites. Although it can be difficult to keep up-to-date on the latest security news, trends, and changes, this is the one development you need to know about. In short: Starting in July 2018, any web user that uses Google Chrome will receive a warning when visiting your website without SSL enabled.
SSL certificates:
Simplified heavily, an SSL certificate is a small piece of data that sits alongside your website and certifies that you and your business are exactly who you say you are. One piece of the certificate sits on the website and the other is used by the browser of your visitors. When a visitor loads your website the certificate “authenticates” to your visitor that they are actually visiting your website and not the website of a scammer or hacker. This process also allows for encryption of data from one end to the other, ensuring that no information can be ‘hacked’ while in transit. This process is crucial, and soon required, for any business that processes customer information online (e.g. Ecommerce).
If you have ever seen the “green padlock” when viewing a website, then you have seen SSL in action.
Above: Any website using SSL will begin with “https” instead of “http”
In the past, purchasing an SSL certificate required hundreds of dollars (per year) in fees, plus the time and expertise of a web developer to install it on your server, let alone test the results. In recent years the popularity of free providers like LetsEncrypt has disrupted the industry and made SSL certificates more accessible to smaller businesses.
Google’s content warning
Starting July 2018 Google will show an insecure content warning on every website that does not use an SSL certificate, regardless of if you process or accept any customer information. This is a huge departure from the way Google and other browser developers have approached SSL in the past, and it is likely to confuse many users of sites who don’t make changes before July. Given that Google Chrome accounts for close to 60% of all web traffic in the world it would be wise to take Google seriously.
Above: Starting July 2018 this is how users will see insecure websites. Source: Google
What can I do now?
If you are unsure whether or not your website is currently using SSL look for the green padlock in the URL bar in your browser. If you don’t see the “Secure” message it is possible your website may not have an SSL certificate setup and could be affected by Google’s incoming changes.
We suggest you contact your website designer or developer as the first port of call about any changes to do with your web presence. They may be able to offer you specific advice relevant to your business.
If you’re using Vend E-commerce, don’t have SSL setup on your website, and would like to ensure you are secure then you can also contact us. We’re excited to be the first Vend Partner to provide a full end-to-end service specifically for Vend retailers. We have built a special portal on our website where you can sign up for us to get your website secured in under 48 hours. For more information click here: Vend E-commerce SSL Portal.
Conclusion
Google’s changes are sure to catch many businesses by surprise. The scale of this update is huge, with Google’s own projections showing between 22-32% of websites will soon show an insecure content warning. There are only a few weeks left to make ensure your own website is secure so don’t wait until its too late.