What Google’s new SSL changes mean for your website

In case you haven’t noticed, Google Chrome, one of the most commonly used web browsers out there, has recently changed the way it displays website SSL certificates.

For a long time, if a page on a website had a valid SSL certificate, it would display something along the lines of this:


That all changed in 2017. From now on, visitors will see this:

See that big green Secure in between the padlock and the https?

Yep, that’s a new addition, and it matters because of what it says about your site. While the meaning of the SSL certificate hasn’t changed (any data visitors send to a site will be encrypted), psychologically, seeing the words Secure next to a URL can only be positive for merchants who have it.

That’s why it’s so important for you to install an SSL certificate on every page of your site.

Think about it: if your customers are going around to their usual sites—Google, Amazon, Facebook—and at each one they see the words “Secure”, what are they going to think if they land on your site and see … not that?

Whatever they think, they probably won’t think your site is as secure as the big players, even if it is—which is exactly the kind of doubt you need to put to bed to get them to do business with you. That’s why an SSL on every page is so crucial.

That’s not the only change coming to Google Chrome

On January 31st, any page that has a credit card entry field or a form that doesn’t have a valid SSL certificate will also change. Here is a side-by-side comparison of two pages without an SSL cert:

not secure


Again, that’s quite a psychological leap for your customers. A little “i” inside a circle is a lot less ominous than the words “Not secure”.

And that’s nothing compared to what’s coming:


If you’re anything like us, the first thing you did when seeing that was wince and think, “Yikes”.

There’s no official word when exactly these changes are coming, but if anything, they should motivate you to put an SSL certificate on all your pages so you don’t get caught unaware.

Why is Google doing this?

For several years, Google has telegraphed this move. They’ve even encouraged people to switch to HTTPS by making it a (relatively small) part of their ranking algorithm.

Fundamentally, the move is about creating a safer web, where even accidentally sending unencrypted information is more difficult.

And while it may seem like a pain for you now, imagine how furious your customers would be if they sent personal data over an unencrypted channel.

My business is on a platform. Does this affect me?

Good question.

While many platforms provide a secure checkout—usually on their own domain—we think it makes sense to have your own SSL for all your pages. Not only will you be improving your search ranking in Google AND avoiding having the words “Not secure” plastered next to your URL, you’ll also keep your checkout on the same domain as the rest of your site, making the shopping experience feel more uniform and professional.

It’s your move

At the very least, you need to make sure that any page of yours that has a credit card field or form also carries an SSL cert. January 31st is rapidly approaching and we strongly encourage you to avoid the association of being “Not secure” in Google’s eyes.

The better move, however, would be to cover all your domains, all your pages—every single inch of your online business—with an SSL certificate.

What’s more, you’d be surprised at how affordable high-quality SSL certificates can be, even if you’re getting them for an entire domain, or multiple domains. McAfee SECURE SSL certificates, for example, start at just $69 per year.

Google’s changes are coming, and since over 50% of the world’s internet population uses Chrome as their primary browser, this move is in your best interest.