Starting in January 2017, Google’s web browser, Chrome, will treat any website encoded in HTTP as a non-secure site if it transmits credit card information or passwords, the tech company has revealed. HTTPS - Hypertext Transport Protocol Secure - is the preferred method for transmitting personal information online. It includes encryption using either Secure Sockets Layer (SSL) or Transport Layer Security (TLS). HTTP, the other form of the main programming language used in website development, does not use either of these encryption methods.
Chrome currently does not flag HTTP connections as insecure, but it does not show that they are secure, either. Instead, they are treated as neutral. The issue with HTTP websites is that, as explained by the security team responsible for Chrome, anyone can view the website someone is viewing if they are on the same network. Often, the other party may be able to change the website while it is being viewed, creating a major security concern. HTTPS, on the other hand, cannot be viewed or manipulated in any way.
Google is concerned about users sending personal information across unsecured websites because this opens the door for identity theft. As the most popular web browser in use today, more than half of all internet users access websites via Google Chrome. By making users more aware of online security, Google hopes to decrease online identity theft.
If you would like to prevent identity theft, check out our credit monitoring service.