Http (Hyper Text Transfer Protocol) is a protocol which ensures a connection is established between a browser and the website you are attempting to access. Over time a number of security flaws within https became prominent. The connection between the browser and website was not encrypted, therefore, meaning if a hacker hacks into your session they will have the ability to read the communication. This became riskier with online overtaking a lot of aspects of our lives, especially when online payments and transactions gained popularity. There was a need to add an extra layer of security which would protect users even when their browsing session was being watched. With the rise of encryption, Hyper Text Transfer Protocol Secure (Https) was developed to solve the problem of “plain text” browsing session. When using Https, even if someone breaks into your browsing session, they still won’t be able to decrypt it.
How Does HTTPS Work?
Usually the protocol used to encrypt communications is SSL (Secure Sockets Layer). The idea of SSL is that the website has public and private keys. The public key is accessible for everyone but the private key is generated for you and for that given session. When the website’s public key and private key match, a virtual handshake happens and you establish a secure encrypted connection.
Why is it necessary to have HTTPS connection for both sides of the connection?
Having a secure end to end connection is beneficial not only for the users’ privacy but also from the website’s perspective. Internet browsers such as Google Chrome and Mozilla Firefox now notify website visitors if the website, they are browsing, has the old http connection and alert them that their connection is not secure and encrypted. This is a huge turndown and a large amount of people will simply abandon the session. This is particularly important in this day and age, as more and more websites receive online payments for their products and services. If a user navigates to a website and the browser has a warning that the website is not secure, there is little chance they will input their bank details and purchase the products or services, the website offers.
Https for SEO
Few years ago Google announced its intentions to change the world wide web, to ensure a secure https connection was being used. As part of their efforts Google have announced that websites using https will rank higher in search results and essentially have an SEO edge over those websites that don’t use https. By simply adding https as a ranking factor in their search algorithm, Google has made the SEO community and consequently the websites they own and manage – switch to https in a short period of time. Currently, having https and the green lock in front of your domain name is crucial.
Working in digital marketing and managing multiple clients means we have to do these checks and occasionally stumble upon websites who haven’t switched to https yet. This is something we ensure all our clients websites have, as it not only affects SEO but also user experience and conversion rates as well. If you have further questions about https or you would like us to have a look at your website and make it secure, please make an online enquiry, call us on: 0203 911 9715 or contact us via email: email@example.com.