That Extra “S”—When HTTPS Pays Off

It shouldn’t take a massive data breach targeting one of the world’s largest credit reporting agencies to drive home the point that internet security is as critical as ever. But after the recent Equifax nightmare, more and more entities are examining their internal policies and web settings in order to avoid falling victim to a hack. Small- and mid-sized ecommerce merchants are not behemoth data aggregators, but even a single breach can spell disaster.

Virginia-based VeriSign, a key player in creating dual-layered security channels that make online interactions secure, was first up to bat. Working off of cryptographic patents, it went to work in 1995 developing digital authentication services to verify identities, bank numbers, and other data used to transact business online.

If nothing else, customers have become more tech-savvy and understand the markers of a secure site. The entry of HTTP (Hypertext Transfer Protocol) to replace or precede the www in address bars was the first step in demonstrating secure traffic. As technology advanced, an “s” was added, resulting in HTTPS, or HTTP plus Security.

How important is it?

Even though most customers aren’t aware that their financial transactions and credit card data is not administered at site level, merely seeing that designation can lead to increased confidence. But is that enough of a reason to convert? On balance, experts say yes.

Swedish internet security watchdog Detectify surveyed ecommerce entities in that country, and determined that fully 60 percent do not direct traffic to HTTPS portals by default. This could be a legitimate security risk. Compromised sites lead to stolen bank card numbers and other identification markers, which is a genuine public relations nightmare.

In 2017, Google is now prioritizing its directed hits to sites using HTTPS security. That’s a huge consideration for anyone who has focused on SEO (search engine optimization) and other ways to rank high in search engine activity. 

And while that be a big factor in deciding whether to migrate to HTTPS, there are considerations you may not know about. The shift interferes in certain site code that runs your operation over the internet. Like any other technical change, it requires attention to details and knowledge, preparation, and an ability to prioritize.


Help is on the way

Luckily, entities in the know are several steps ahead of you, and are happy to share their expertise. Search Engine Watch lays out a comprehensive, easy-to-understand list of steps to take if you decide to hop on the HTTPS train. They include acquiring certificates and updating settings, among other things.

And for further information on how to ensure that traffic to your site defaults to an HTTPS protocol, this primer from DreamHost helps wrap up your project.
​
Even if you invest more time than you think you have in making the switch, a move to more secure internet operations can only be a net positive. Familiarizing yourself with evolving security technology will surely allow you to feel more comfortable with new developments down the road. But perhaps the most important benefit in real time is a grateful clientele who spots the HTTPS designation in your web address, and instantly understands your commitment to making their shopping experience secure. That could be worth everything.