Moving to a More Secure Web

2 Oct 2017 / Aliesha Ellington

In January this year, Google made big strides in implementing their vision of a more secure web, through a new feature in their Chrome version 56 release, that highlighted sites that didn’t use a secure HTTPS connection.

To begin with, this ‘Not Secure’ flag is only be displayed on sites that collect credit card or password details without an SSL. In the last 9 months, Google found that this resulted in a 23% reduction in the number of people navigating to a non-secure site on desktop. Consequently, this also saw an uptick in the number of sites starting to use HTTPS.

When this move was announced, Google did warn us that this flag would eventually be rolled out to any site still using HTTP, and now it’s arrival is imminent. In version 62 of Chrome, which is due to be released on October 24th, a ‘Not Secure’ warning will show across even more sites.

Since users have a higher expectation of privacy when browsing in Chrome’s Incognito mode, version 62 will mark any site not using HTTPS as ‘Not Secure’ in the address bar when using Incognito. However, when browsing outside of Incognito mode, the ‘Not Secure’ warning will only display when the uses enters data into the website, not on page load. This means that HTTP sites that do not collect any kind of data will not be flagged at all, unless the user visits them in Incognito mode.

chrome 62 updatehttp search

Why do we need HTTPS?

You may wonder why Google is going to all this effort to push HTTPS – what’s the benefit of using secure connections? And why does your site need it?

It’s a common misconception that you only need to use a secure connection on your website if you collect credit card data. And whilst this may have once been the case, people are no longer willing to risk their personal information.

When you submit any kind of information through a website, whether it be credit card or bank account information, or passwords or contact details, this travels across the internet to the web server that houses the site you are interacting with. If this information is not being transferred via a secured protocol, then its open for the world to see. Consumers are becoming more and more security conscious, and are less willing to submit any kind of details through a HTTP connection. Even if your site doesn’t collect credit card info, but you do ask users to submit any kind of  personal information, like a contact form that asks for a customers email address, then using HTTPS across your site is something you should seriously consider.

Besides protecting your customers data, HTTPS connections enable better performance and browser features that are too sensitive to be available to HTTP sites. Plus, at the end of the day, a more secure web is a win for everyone.

How do I get HTTPS?

As Chrome continues to highlight to internet users that they are engaging with a site that has the potential to put their personal information at risk, site owners without HTTPS run the risk of losing customers who aren’t willing to interact with their site.

At this point, if you still use HTTP on your site, you are likely convinced that it’s time to make the move to HTTPS. But how? Fortunately, HTTPS is more accessible than ever, being cost effective and straight-forward to implement.

Switching to a secure transfer protocol is as simple as installing an SSL (Secure Socket Layer) certificate on your website. An SSL certificate enables the HTTPS protocol, and lets your customers know that you are who you say you are. In order to install an SSL, you must first go through a verification process, which varies depending on the type of SSL certificate you purchase. See your options  here.

Domain Validation
The most commonly used SSL certificate is a DV or Domain Validation certificate. This checks WHOIS data to ensure that the SSL certificate applicant is the same person who owns the domain name, and is the most ‘basic’ of the validation checks.

Organisation Validated
This goes a step beyond the DV certificate and also validates some basic information about the organisation that it applying for the SSL. This includes confirming the physical address of the business, plus any licences that might be relevant.

Extended Validation
An EV SSL certificate is most easily recognised by the ‘Green bar’ that displays in the address bar of the browser. This certificate has the most rigourous validation process, and is the highest level of security available. Its commonly used by banks and large corporate enterprises for whom reputation is paramount. 

domain security

Keep Your Domain Secure

Many organisations overlook the security of their domain name when they are developing or reviewing their security policies.

Read More

Cybersquatting

Cybersquatting: How to Avoid Becoming a Victim

Domain squatting, otherwise known as cybersquatting, occurs when a person buys, registers, traffics, or otherwise uses a domain name that is confusingly similar to a personal name or trademark.

Read More

light bulb help

Great Tips for using Freeparking Services

Need some support for your account or service? In a hurry? Log in to your account on the Freeparking website and from the footer menu select ‘Help’, then go to...

Read More

padlock xxl

Password Security and Size is Important! Keys to Making your Password Safe

If you’re like most people, you haven’t put a great deal of thought into creating your password.

Read More


Not sure which plan's best for you? Ask our experts on 0800 373 372


Need More Help?

Call our support team on: 0800 373 372
Email us at: support@freeparking.co.nz

At Freeparking we take pride in making it easy for you to get online. Check out the step-by-step How To Guides and FAQs on ourSupport Site, but if you need more help we want to hear from you. Send us an email and we'll respond not just quickly, but with the right information in language you understand.


Your subscription request has been received, please check your email for confirmation.