From HTTP to HTTPS there is just a short step. And Google Chrome wants every websites to make the leap.
HTTP is a protocol designed to receive and send information towards web servers without any data encryption, thus leading to very high hacking risks. Currently, the Chrome browser is labelling HTTP connections with a neutral indicator.
From January 2017, version 56 of Chrome will change the rules: it will signal HTTP pages that collect passwords or credit cards as non-secure. This is the first step of a long-term plan to label all HTTP sites as non-secure. Furthermore, the red triangle that was used for broken HTTPS will be extended to all HTTP pages.
Through this warning, Google aims at reinforcing the transition towards more security with HTTPS.
Today, more than half of Chrome desktop page loads are now served over HTTPS.
Merchants’ websites are of course strongly impacted and mustn’t delay their HTTPS migration (if not already done). By delaying this upgrade, they could damage the trust of many visitors.
Consult the news on Google Security Blog