Trust is essential in today’s world wide web – even for non-ecommerce sites. Google and many others now recommend that all websites should have a security certificate, and they give priority to those sites that do.
Traditionally, users looked for secure web communications with banks and e-commerce sites, when entering credit card details or personal information. However, several initiatives led by industry and advocacy groups have encouraged the use of ‘HTTPS everywhere’ in recent years.
As the web has become more social, almost all web communication now involves the use of ‘personally identifiable information’ (PII) in some way – even when we’re not actually sharing financial information.
Any piece of compromised information, however small, can be used in ‘social engineering’ attacks to contribute to personation or fraud.
As a result, HTTPS is fast becoming the norm for all web communication, and digital certificates are now an essential requirement. Websites without SSL are increasingly at a disadvantage. Google already ranks such sites lower in search results, and they will soon begin flagging them in red, meaning ‘not secure’, in the Chrome web browser.