Google has been considering security as a ranking measurement for some time, checking to see if a website encrypts collected information and downgrading sites that don’t. But starting in July 2018, Google’s Chrome browser will mark any site with an input field as “Not Secure” if it does not use an SSL Certificate to encrypt data.
Chrome has a 48.6% market share, and the input field could be as simple as a search box, a contact form, or a login panel.
Here’s the difference between how a site appears now, how it will appear starting in July, and how a secured site appears in the address bar of the Chrome browser.
While it is not fair to be labeled “not secure” when you are not collecting information from anyone, that’s what will happen. Many businesses are getting SSL certificates now to keep that label off their sites.
An SSL Certificate typically runs about $100/yr and needs to be reinstalled to the server each time it is renewed. You can pay for multiple years at a time and you can add a “protected” badge to your site to reassure users that your data is encrypted. Some websites will also require some “behind the scenes” updates to make sure all data on the site uses the encryption.
If you want to secure your site with an SSL before this change takes affect, contact me. It’s better to have this handled before the fact.
My recommendation: if you sell products online or off, collect donations online, or have sign-up forms on your website, you will probably want an SSL, even if you use a secured payment processor (like Paypal).