As of July 2018: Google Chrome’s “Not Secure” Label, Are You Prepared?

As of July 2018: Google Chrome’s “Not Secure” Label, Are You Prepared?

Last updated on by Ted Vrountas in Conversion Optimization, Instapage Updates, Marketing Agency Tips

Earning conversions, generating leads, winning customers — they’re all dependant upon one thing: trust. Without it, you don’t stand a chance.

On your post-click landing pages, trust indicators are subtle and powerful. Testimonials, badges, and HTTPS protocol are just a few things your prospects will look for before they consider trading their sensitive personal information for your offer.

And starting in July, without one of those trust indicators, your conversion rate could majorly plummet when Google Chrome marks all pages without HTTPS as “not secure.”

Google Chrome: “Not Secure”

In a recent blog post, Google Chrome Product Security Manager, Emily Schechter, said that informing users of unsecure web pages is something Google’s been gradually pursuing:

For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure.” Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure.”

Currently, a neutral indicator is displayed for sites using HTTP, but come July, will appear like this at the top of all web pages that don’t use HTTPS protocol:

Google Chrome not secure URL

This kind of indicator isn’t completely new, as Chrome began marking web pages last year as “not secure” when they requested sensitive information like password and credit card without HTTPS:

Google Chrome not secure warning

And just two years ago, a report from Google showed that 79 of the web’s top 100 sites still didn’t use HTTPS.

Fortunately, according to Schechter, the web has since made tremendous progress toward more security:

  • Over 68% of Chrome traffic on both Android and Windows is now protected
  • Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
  • 81 of the top 100 sites on the web use HTTPS by default

Still, 1 in 5 of the web’s top sites don’t use HTTPS. And when you consider the consequences of not doing so, it’s easy to see why Google’s chosen to flag sites that aren’t secure.

What is HTTPS encryption and how does it work?

Websites using HTTP leave visitors open to attack. Before a web page loads in a browser window, malicious third parties can view or manipulate its content to steal personal information.

With HTTPS, however, there’s an added step to the process: First, a browser will request an SSL certificate (“secure sockets layer”) — the web standard security technology for establishing encrypted connections online — from the web page.

If that page can provide one, a secure connection is established, and the user is directed to the web page. The ensuing session is encrypted and data can be more safely transferred.

If that website can’t provide the SSL certificate, a secure connection isn’t established. These are instances in which Chrome, the web browser of choice for more than half of all internet users, will notify visitors with a “not secure” label.

What this means for post-click landing page creators

In many industries, marketers are required to adhere to security and privacy standards like PCI-DSS and HIPAA to collect information and run transactions.

However, this new change from Google doesn’t simply impact businesses in those sectors, but all website owners that don’t use HTTPS protocol. Specifically, the “not secure” label will hit post-click landing pages using HTTP harder than all others, since these are pages designed solely for the purpose of capturing visitor information.

Web users may not glance up at the address bar of a blog or a homepage to determine if it’s safe, but they’ll certainly look for that security indicator on a post-click landing page. So how do you make sure your visitors and your post-click landing page conversion rates are safe?

How to combat the “not secure” label

Simply, beating Google Chrome’s “not secure” label comes down to using HTTPS — requesting certificates to ensure that all data transfer is safe as can be.

For developers and the code-savvy, Google’s open source Lighthouse tool can help make web pages more secure with audits and self-help instructions.

For post-click landing page creators who don’t know much about the back-end operations of a web page, avoiding Chrome’s “not secure” label is as easy as signing up for a Core, Optimizer, or Team & Agency plan with Instapage.

Unlike the original Instapage plans, these come with SSL certificates built in, which means…

  • You can ensure safe submission of personal information through lead capture forms on your post-click landing pages.
  • You can also ensure you don’t scare off visitors with a “not secure” label was attached to the address bar of your post-click landing page URL.
  • You’ll better adhere to transactional security regulations in your industry.

And on top of all that, you’ll have the newest tools for boosting conversion rate, packed into the most robust post-click optimization platform on the web. Those include:

  • Instablocks™: Make designing new pages faster than it’s ever been. Edit your elements — text, images, widgets — and save them as blocks to drag and drop into new templates or duplicate pages exactly as you want them.
  • Heatmaps: Uncover where your visitors are scrolling and clicking to plan out tests that boost conversion rate.
  • The Collaboration Solution: Work with your entire team in real-time on the same post-click landing page. Invite shareholders, click to make comments, and view correspondence in an easy-to-read comment feed accessible from the dashboard.
  • Easy A/B testing: Duplicate your page with the click of a button, then edit the elements you want to test against each other.
  • The industry’s most advanced analytics: Monitor your KPIs with the industry’s most advanced analytics. Set display rate percentages, view periodic conversion rate, and statistics unique to each of your post-click landing pages.

Don’t let HTTP kill your conversion rate

While many users have updated to our newer plans and have access to all these features and more, some are still on the original Instapage plans. Starting in August 2018, all users will have to update to one of our new plans.

Keep in mind, any Instapage legacy user that hasn’t updated by July will receive a “not secure” label from Google Chrome on their post-click landing pages. So if you want to avoid the potential negative effect on your conversion rate, it’s best to upgrade sooner rather than later.

Get access to all the above features, and avoid Google’s “not secure” label by upgrading to one of the new Core, Optimizer, or Team & Agency plans.

blog CTA Instapage use reasons
Ted Vrountas

by Ted Vrountas

Ted Vrountas is a content writer at Instapage who hates most marketing content. As a human among marketers, his goal is to write words people actually want to read.

Turn More Ad Clicks into Conversions

Try the world's first Post-Click Automation™ solution today. Start a trial or schedule a demo to learn more about the Enterprise plan.

Subscribe to the Instapage Blog

Get the latest trends, tactics, and thought leadership for advertising conversion and post-click automation.

You will only receive quality content.

We use cookies to give you the best experience on our website, deliver our services, personalize content, and to analyze traffic. By continuing to use our website you agree to allow our use of cookies. To know more please refer to our Cookie Policy.
Got it close