Business tips

Earning the Google Chrome seal of security

Web security should be one of the very highest priorities for any manager of an e-commerce business, and it is particularly important to ensure the security standards of Google’s Chrome browser are met. Why Chrome in particular? Because the browser boasts an increasingly dominant share of internet users.

According to web developer site, in 2015 Chrome’s market share grew from an already respectable 61.9 per cent to 68 per cent. As data losses and breaches continually make headlines, internet users are becoming more familiar with, and comforted by, the green padlock symbol in the address bar. If your site does not show the green padlock, customers will not be as confident to share their details and, as of recently, you’ll also notice your search engine ranking beginning to slip.

What does the green padlock actually mean?

“It means three things,” says internet security expert, author and speaker Troy Hunt from “First of all it indicates confidentiality, meaning nobody is able to view the contents of the page when it is in transit.

“It also means integrity. Without it, how would you know that your sensitive information – when you send it back to the server – is actually going to go where it should go?

“Finally, it means authenticity. You can have confidence that the site’s content has actually been loaded from a legitimate site and is not from somewhere else. It is not somebody that has managed to hijack the domain or your own computer. These are the three most important messages you can get from the green padlock.”

How do I get Google Chrome green padlock status?

Earning a green padlock, Hunt says, in most cases is fairly uncomplicated. It is a matter of going to a certificate authority (a CA) such as VeriSignGeoTrustComodo or DigiCert and following their recommended steps to prove that you own the domain.

Once that is completed, usually in a commercial arrangement involving an annual renewal fee, the CA will issue a certificate that is then loaded into your website. Once it is properly configured, you can make an HTTPS request and your green padlock appears.

The process is becoming easier and more common; so much so that Google has announced it will use HTTPS as a ranking indicator, Hunt says.

“If you have HTTPS you’ll be bumped up the search rankings,” he says. “This makes sense because the search engine has a greater degree of confidence in the legitimacy of your site. That is a very interesting by-product of having a secure site.”

Further cyber security with an EV certificate

As businesses and customers become more knowledgeable about site security, e-commerce site managers should consider looking into the next step of security known as an EV (extended validation) certificate, Hunt recommends.

“EVs are particularly used by financial institutions but also often in e-commerce scenarios,” he says. “When a site has an EV instead of just a green padlock in Chrome, you see a big green bar containing the name of the organisation. This gives consumers increased confidence around who they are actually talking to.”

The validation process, which often includes checking a business’s contact details, costs a little more each year but means a great deal more to consumers.

Services such as CA and EV certifications are becoming increasingly affordable, usually a few hundred dollars annually. In fact, Hunt says, they’re well on their way to becoming free.

“This is primarily because we’re moving rapidly towards a web that is encrypted by default,” he says. “The rates of adoption of secured connections are going up very rapidly. This is a very positive development.”

What are the benefits of a secure website?

Site security boosts consumer confidence, assists search engine ranking and helps to protect a business from the serious, brand-damaging and expensive ramifications of data loss, which is an increasingly common scenario, Hunt says.

“What you are protecting against is someone getting into the middle of your communications,” Hunt says. “The current surge towards site security is a bit of a rising-tide-lifting-all-boats scenario. But if you’re the e-commerce site that doesn’t bother taking security too seriously, don’t be surprised if you’re sunk.”

Related articles

How to prepare for Amazon in Australia How to prepare for Amazon in Australia
The Australian retail industry is getting jumpy about the arrival of Amazon next year but it doesn’t have to …
A little bird told me: Marketing secrets from an award-winning eCommerce retailer A little bird told me: Marketing secrets from an award-winning eCommerce retailer
Most of us have heard of the fashion retailer Birdsnest, which means the company’s marketing strategy is seriously working. …
Is WhatsApp the future of conversational commerce? Is WhatsApp the future of conversational commerce?
With one billion daily active users sending a staggering 55 billion messages per day, WhatsApp is a force to …
Infographic: The rise of food delivery apps Infographic: The rise of food delivery apps
With the ABS reporting that 40 per cent of Australians feel they are always or often pressed for time …

Sign up to our newsletter

Online payments
just got easier