Three Reasons Why You Should Care About HTTPS

What is HTTPS?

HTTPS (Hypertext Transfer Protocol Secure) is a protocol for secure communication over a network, e.g. the internet. Simply put, it authenticates the website you are visiting, and ensures that data exchanged on the website is private and secure.  

Up until recently, it was enough that booking engines and e-commerce solutions were secure to protect credit card details and other sensitive information. So, what’s changed? Why should you invest in making the rest of your site secure?  

1. People expect this on sites

HTTPS has moved from something usually only seen on online banking and payment pages to something you see everywhere. Google reports that 50% of page loads are now on HTTPS connections.

There are several good reasons for making your site secure. With a standard HTTP connection, it is possible for unauthorized parties to eavesdrop on your users browsing activity. With the abundant growth of Wi-Fi hotspots, which are often insecure, that has become something that anyone can do, not just highly technical “hackers”.  

It is also possible for someone to do a “man in the middle” attack between your website and your site user. This could be something as simple as embedding some malicious JavaScript code into the content returned from your site, which could do anything from displaying unwanted ads, to attempting to exploit browser vulnerabilities to hack users’ computers.  

The same type of attack could also do things like modify links on your website (e.g. to your booking engine) and redirect users to a fake booking engine, which could steal user card details, and quite conceivably take money off them in real time, disguised as a large booking deposit.  

2. HTTPS makes browsing more secure

HTTPS adds a layer of security to browsing. It encrypts all the data between your site and the end-user’s browser, which prevents eavesdropping. It protects the integrity of the data, and provides authentication to ensure that people are communicating only with the intended website, and to prevent malicious corruption of the data like “man in the middle” attacks.  

In short, HTTP is not secure, and users are now expecting a secure and private experience when they are online. Browsers like Google Chrome and Mozilla Firefox have started making it obvious to users that they are on an insecure page if that page is looking for credit card information or passwords.  

However, Google have said that in the future, any pages which are not HTTPS will be highlighted in chrome with a visible warning.  

3. Google has stated publicly that HTTPS is now a factor which helps with your sites Google ranking

As with most things involved with Google ranking algorithms, it’s difficult to put an exact figure on the ranking increase as there are a lot of additional factors involved, such as good SEO practice. However, there’s no doubt that there is a boost, and it’s obvious that this is going to be a much more important ranking factor as time goes on.  

Google have even said that they are going to start actively penalising non-HTTPS pages in the future, so this is something you really want to avoid.  

There are already secure pages on your website, but a full upgrade will further protect your website

If you already have a booking engine with Aró, rest assured that those pages are already secure. Upgrading your whole website to HTTPS however goes that step further to make the full journey from website to booking a room as safe as possible. It also gives visitors assurance that you are security conscious, and that could well be a factor in them choosing to book a stay with you today.  

If you are interested in updating your website to HTTPS, please contact your Aró account manager. Not currently a client? We would be happy to advise, so please don’t hesitate to contact us.