0

Google’s HTTPS Security Updates and What it Means for Your eCommerce Site

In late February 2018, Google announced that its Google Chrome browser would start flagging websites not using HTTPS encryption as “not secure.” Google “Chrome 68” is the version which this change is slated to be rolled out. The release is expected in or around July 2018. As a result, the time to act in preparation for this – is now.


The proposed “flags” which Google is going to present to end users and consumers will not be hidden behind the scenes either. As part of Google’s push for a secure web, they’re taking SSL from being something users look for on information sensitive pages as a must have – and instead are placing it front and center. In the above picture, it shows how end users on a desktop will see the address bar for non-secure sites. On mobile, it will be even more visually discouraging to users showing icons of ‘unlocked’ padlocks with accompanying bold text reading “Not secure” showing.

Whether you feel your site is secure or not is going to be irrelevant come this July. It will no longer be “safe” to simply have your login, registration and checkout pages secure. If you’re in eCommerce, buyers won’t think twice about ditching your site when there’s a big red icon telling them they can’t trust you.

WHY IS GOOGLE’S HTTPS UPDATE IMPORTANT FOR ALL WEBSITES?

 
Since 2016, Google has been rolling out security notifications on some sites. With the new update, every single website will be receiving this treatment in Chrome whether they collect and use sensitive information and forms or not. Is it safe to assume that enough of your users are on another browser like Safari, Firefox, or Microsoft Edge? In short: Not even close. There are going to be other far-reaching effects of this long-term in your organic search results as well.

As of Q1 2018, depending on two of the most trusted sources for browser usage, Google’s Chrome browser represents 57.4% – 60% of the global web browser market share (up from 52.8% just one year prior). For perspective, other browsers like Safari and Mozilla’s Firefox trail behind Chrome at just 14.4% and 5.5%, respectively.

In short, this is why the “Chrome 68” update matters to you: If you’re interacting with your customers online, there’s an overwhelming chance (over 50% likelihood) that when you do, they’re using Chrome.

HOW HTTPS AFFECTS ECOMMERCE, YOUR SITE’S VIEWERS, AND YOUR SEO RANKING

If your business relies on capturing any type of customer lead information online or is in eCommerce industry – what this Chrome 68 really boils down to is the potential for lost Leads, Sales, and Revenue. In 2016 GlobalSign conducted a study which found that 84% of users reported they would abandon an online purchase if they found or were informed that the site was not secure. If the browser-share numbers are anything to go by, that’s nearly 50% of your customers will refuse to transact with you online. That’s nothing to be ignored. That will is lost revenue, that is lost market share to your competitors, and that will result in increased overhead/expenses by taking those customer requests over the phone (for the customers who do call).

Organizations should not be surprised when once-faithful customers of your website or business begin ignoring you. eCommerce is a fickle business where minor headaches in the checkout funnel lead to lost conversions, for every 1 customer that reports a problem – there are typically 5-10 others who did not. This is why having tangible connections and relationships with your customers is all so important. Unfortunately, all the time, energy and expense that has gone into building those relationships will be out the window once users associate you with not maintaining a secure environment if you do not take action.

Let’s make an assumption that all of your visitors are non-Chrome internet browsers (this is highly unlikely), that users use Firefox, or they opt-in to Safari or switch back to IE/edge – your customers are still surfing the web via search engines. As of Q1 2018, Google is the #1 search engine maintaining a 72% search market share. So what happens when your customers search for your website if you are not fully SSL enabled?

The short, non-technical, version is that Google provides a  ranking boost in your organic search results from Google’s site-crawlers. If you’re lacking encryption, you can expect to see your organic results decremented and your ranking below your secure competitors on Google’s results page. If you’re on Adwords, you can expect to see Google filter your AdWords listings out entirely as time progresses.

In short, is it worthwhile to take this Google Chrome update seriously and make the switch to HTTPS encryption now, today? Yes! You need to take action today so that you do not risk your business tomorrow. 

How do you do it? Contact us today to find out and get started.

0

Everest Credit Card Processing Fix for TLS 1.2

Updated June 13, 2018: The details posted in this article on June 19, 2017, have expired and are not valid. The solution outlined in the whitepaper herein will NOT work to resolve the TLS1.2 problem affecting merchants processing credit cards with Payflow Pro. Since this posting, MARTEC360 has invested additional time, energy and resources to deliver a full solution that works for both today and in the future as TLS1.3 eventually roles out. That solution is PayflowPayments.com by MARTEC360.

As a solutions provider and trusted voice within the Everest community for nearly 20 years, MARTEC360’s Everest experts have been aware of the potential TLS 1.2 issue(s) for some time and have been developing, testing and working on a certified solution. Specifically, MARTEC360 has been working with Paypal, Braintree Payments and other third party vendors for validation and certification of an approved solution to the TLS 1.2 issue with legacy Everest versions (6.x and below). This certification and approval were fully granted in June 2017.  
 
The recent “fix” that was posted in Everest google groups forum online is “very close” to the process to which PayPal has signed off on as a certified solution MARTEC360. There are a few exceptions to this, specifically: This process/solution will NOT work for organizations still running Windows 2003 and/or with some other software incompatibilities (anti-virus/security lockdowns on registry edits). As such, many organizations and Everest users may not feel comfortable configuring and testing their systems, servers and payment gateways on their own to account for these fixes. MARTEC360 is offering the approved TLS 1.2 implementation process for any organization running Everest for a nominal fee.
Please feel free to contact us directly if you wish to have this solution implemented within your organization. 
MARTEC360 is a technical integration, digital marketing and professional services firm based in Tampa, Florida serving enterprise and eCommerce clients globally.  The firm is led by Andrew Shelton who was part of the “1st Everest implementation outside of iCode back in 1998” before then starting E2 in 2002 serving the Everest community until 2016 when MARTEC360 was founded. In spring 2017, Michael Ross, formerly of Everest911 and certified iCode ICER & ICEE joined the MARTEC360 team thereby creating the foundation of the foremost Everest ERP solutions provider in the world.

For more information, please contact Martec360 directly.

Please feel free to contact us directly if you wish to have this solution implemented within your organization.

Top Questions About TLS 1.2