HTTPS encrypts the connection between your computer and the web server. This prevents attackers from intercepting data transfers and extracting sensitive details, such as your username and password for an online service. While there are obvious benefits to using the protocol, much of the web continues to be based on the insecure HTTP.
According to Google, considerable progress is now being made as HTTPS becomes more important. The rise of Internet of Things devices and the prevalence of interactions with third-party services necessitates secure connections. General websites are also making the switch, including entertainment and media sites that have begun to turn on HTTPS.
Google has added a new section to its Transparency Report that details how HTTPS usage has been increasing over time. 18 months ago, desktop Chrome users on Windows, Mac and Linux were visiting secure sites around 40 percent of the time. Today, two-thirds of page loads on these systems are made over HTTPS.
A key reason it’s taken so long for HTTPS to see wide adoption is its complexity. In many cases, it’s difficult to implement on existing sites and services. Securing an individual website can be complicated, due to HTTPS’ certificate process. Most sites will face additional trouble in the form of external connections. Ad networks often don’t use HTTPS but are present on many webpages. This can prevent HTTPS working properly across the entire site.
Google said it is continuing its work towards migrating to HTTPS “a no-brainer.” It noted the positive experiences of retailer Wayfair and technology news site CNET, both of which recently transitioned to HTTPS. Neither site noticed any impact on search rankings or overall traffic.
“Security has always been critical to the web, but challenges involved in site migration have inhibited HTTPS adoption for several years,” said Google. “In the interest of a safer web for all, at Google we’ve worked alongside many others across the online ecosystem to better understand and address these challenges, resulting in real change. A web with ubiquitous HTTPS is not the distant future. It’s happening now, with secure browsing becoming standard for users of Chrome.”
The recent rise in HTTPS’ adoption has been attributed to a relatively new service called Let’s Encrypt. The free certificate authority simplifies HTTPS migrations, making turning on HTTPS as easy as running a set of commands. Its offer hasn’t gone unnoticed by site administrators. In March, it issued its millionth certificate. In September, it gave out the ten millionth. Let’s Encrypt is now believed to be the biggest certificate registrar online. It’s a non-profit organisation “run for the public’s benefit.”
“We give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free, in the most user-friendly way we can,” says Let’s Encrypt’s website. “We do this because we want to create a more secure and privacy-respecting Web.”
With the tide now turning in favour of HTTPS, web users can look forward to a more secure future while browsing online. The introduction of the protocol across a wide range of sites will help mitigate the impact of Wi-Fi snooping attacks in public areas and prevent information leaking to external sources while being delivered to a server. Google said HTTPS is now “becoming the norm,” providing significant benefits to consumers.