Should Google favor sites with SSL in their search results? Matt Cutts thinks so.
He is the very public head of Google’s Webspam team and works on search engine optimization issues. In recent weeks, Cutts has expressed his opinion at various conferences and public settings that Google should update its search algorithm to reward sites using SSL in its search results. This would help drive traffic to those sites, putting non-SSL users at a disadvantage. Cutts is advocating for the change within Google, where it has become a matter of some debate.
Mr. Cutts is probably the most well-known and most public figure within Google, outside of Chairman Eric Schmidt himself. His strong pro SSL views should carry some weight.
In fact, Cutts has advocated for several years that more web sites should be secured with SSL. He has assured site operator’s that changing their addresses from http to https will not have a significant effect on their Google ranking and that the benefits in protecting users from being snooped on by hackers is enormous.
Regardless of how SSL factors into Google’s famed search algorithm, which is a closely held secret, using SSL can have a positive impact on site traffic because it assures e-Commerce customers that their transactions are safe. SSL certificates that provide high levels of organization assurance protect users from doing business with unauthenticated, and therefore potentially risky, web merchants.
Recent versions of browsers enable users to immediately identify an authenticated website through the green address bar on the browser. The website’s security status is also displayed alongside, with the tag alternating between the identity and location of the authenticated entity, and the CA that provided the validation. Rolling a mouse over the security status bar will also reveal detailed information about the company operating the website.
When customers feel secure while shopping, sales increase. A study by the Online Trust Alliance reports that websites using EV Certificates, which provide the highest level of assurance and allow the display of trust seal, experienced increased buyer click through rates of 10% or higher. One company reported its customer its revenue per transaction increased by 58% after upgrading to EV.
Google itself is expanding its use of encryption, including for Gmail and Google search. Last month, Google announced that Gmail will now always use an HTTPS connection and encrypt all messages moving internally on Google’s servers. Gmail has always offered HTTPS and has had it turned on as a default since 2010. Now, however, users will not have the ability to turn it off.
Importantly, Google also announce that in addition to your emails be protected moving between your computer and Google, every email will be encrypted while moving between its own server in its data centers. Google is even working on controlling what happens to messages that are sent outside their servers to other systems, such as when a Gmail user sends an email to another mail service not using HTTPS. They have a solution in beta that is not yet widely deployed yet.
Google clearly takes securing its customer’s communications very seriously. Shouldn’t you?