The first item on the 10-point list that outlines Google Inc.’s business approach is “focus on the user and all else will follow.” The search engine followed that mantra this week in announcing that it is giving credit in its search algorithm to sites that use encrypted connections to send and receive data—HTTPS connections rather than HTTP—and that it may give sites that use encrypted connections even more credit in the future.
“We’d like to encourage all web site owners to switch from HTTP to HTTPS to keep everyone safe on the web,” wrote Google webmaster trends analysts Zineb Ait Bahajji and Gary Illyes on Google’s Online Security blog yesterday. “A big part of that is making sure that web sites people access from Google are secure.” They add: “We hope to see more web sites using HTTPS in the future.”
Google is pushing for encrypted transmissions to and from all web site pages, not just the ones retailers typically encrypt, such as login or checkout pages where consumers enter their personal data. Encryption would add protection to data in transit, making it tougher for thieves to intercept.
Google describes the credit web pages with HTTPS encryption get in its search algorithm today as “very lightweight,” and that it carries less weight than other signals like high-quality content. But the search engine says it may give the signal more credit in the future.
Pleasing Google’s search algorithm is important to e-retailers because the algorithm determines where their pages show up in organic search results, and high placement means more traffic.
The push to encrypt more transmissions isn’t new. Google made HTTPS the default for Gmail and Google Apps transmissions in 2010, and has encrypted search query data for logged-in users since 2011. Twitter began offering users the option to encrypt their transmissions in 2011 and then made it the default setting in 2012. EBay Inc.’s PayPal and Facebook also encrypt. The non-profit digital rights group Electronic Frontier Foundation launched a Firefox browser extension called HTTPS Everywhere in 2011 that consumers can use to automatically make sites use HTTPS connections, and the Online Trust Alliance has championed HTTPS encryption through an initiative called Always On SSL for more than three years. The OTA is an industry group that aims to build trust and empower web users, while promoting web innovation.
One concern some web site owners have had about encrypted transmissions is that they can slow page load time and overall web site performance. Experts say this was true in the past, but that encryption technology has improved to the point where lags, if any, are nominal.
“The performance hit is largely a myth at this point,” says Tim Kilroy, CEO of search marketing technology vendor AdChemix and a former e-commerce executive at retailers Wayfair LLC and Karmaloop Inc. “Any speed slowdowns caused by encryption are minor, and fundamentally, if everyone is doing it, everybody will be that much slower, so it will all even out.”
Craig Spiezle, executive director of the OTA, says companies that have moved to always-on HTTPS haven’t been adversely affected. “Twitter, Facebook, Microsoft, Alaska Airlines, Bank of America and others saw little impact to server performance,” he says. “While technically it does take some more resources it does not slow down the connection. [Always-on HTTPS] really is a best practice to not only protect the user and their privacy, but their sign-on credentials from being compromised, which will impact a sites bottom line.”
With Google commanding 68% of U.S. web searches, per comScore Inc. data from March, retailers who pay attention to HTTPS could benefit from a little SEO bump. “You won’t get de-indexed [by Google] if you don’t do HTTPS, but you will be on the right side of things if you do,” Kilroy says in describing the potential consequences on SEO. “Google is rewarding you with some potential SEO love if you do the right thing for your visitors.”