SSL certificates are mandatory starting October 2017




SSL certificates are mandatory starting October 2017

Anyone working in online has heard about the SSL certificate. Until now, only online shops paid attention to it, but Google will change the rules of the game starting October 2017, when the SSL certificate will become mandatory for any site that includes personal data fields.

What is the SSL certificate and how does it work?

SSL certificates' purpose is to secure online information exchange (for example, credit card information, passwords and other personal info). So, an SSL certificate represents the warranty that data exchange takes place in a secure environment, without the risk of it being stolen or modified. If the site where the user inputs personal data has an SSL certificate, the informationis encrypted and it can be decrypted only by the server it is sent to.

Why does the SSL certificate become mandatory?

Until now, only online shops were encouraged to have an SSL certificate, in order to ensure users they can make online shopping and online transactionsin a safe environment. Given that more and more sites, not only e-commerce sites, started to process personal data (lsuch as name, password, address etc), Google decided that, from October 2017, every website owner should also own an SSL certificate, in order to guarantee data privacy and to prevent it from being used by unauthorized persons. Also, SEO specialists consider that Google will take the SSL certificate into account for SERP, from now on.

What types of SSL certificates are available?

Depending on the size of your business, you can opt for one of three SSL certificates:

STANDARD - it secures a single web domain (with or without "www"), excluding subdomains;

WILDCARD - it secures a single web domain, including its subdomains;

EXTENDED VALIDATION - it secures the whole company, regardless of the number of domains and subdomains.

Each of these certificates offers the final user an insurance between 10.000 and 1.000.000 dollars, if personal data is decrypted by an unauthorized person, after an online transaction on a website with an SSL certificate.

How can you get an SSL certificate and how long does activation take?

SSL certificates can be bought from most web hosting platforms. The Standard and Wildcard certificates are activated minutes after the payment confirmation, while Extended Validation can take up to 7 days, in order to confirm the company's legal, operational and physical existence and to demonstrate that the user has exclusive rights to use that domain.

All SSL certificates are compatible with most browsers and devices, supporting strong encryptions like SHA-2 or 2048-bit.

What happens if your site doesn't have an SSL certificate starting October 2017?

All site owners received notifications in Google Search Console, in which they are advised to switch from "HTTP" to "HTTPS", by acquiring an SSL certificate. Starting October 2017, Google will display an "UNSAFE" warning to users who are trying to input personal data on a site that didn't migrate to "HTTPS".

So, in order not to risk and not to offer your site's users a negative experience, we recommend buying an SSL certificate. Better safe than sorry!