Google’s HTTPS Incentive Is Little Incentive At All

Google’s HTTPS Incentive Is Little Incentive At All

Want to get more traffic for your website? How about investing in costly web encryption that you don’t actually need?

That’s the proposition that Google put forward last month, when it announced an incentive for site owners to switch to HTTPS (hypertext transfer protocol secure). For the record, HTTPS is the more-secure form of the familiar HTTP, the protocol that transfers data over the web. Right now the majority of websites don’t use HTTPS because they don’t need it, but Google says it’s now using HTTPS as a signal in search ranking algorithms. In other words, make the switch and you will likely get an SEO boost.

But for most sites, encrypting with HTTPS still isn’t worth it. Here’s why:

  1. You likely won’t see more traffic: Even under this new scheme, Google doesn’t treat HTTPS encryption as a strong signal about page quality. Google really looks at two main things to place a site in the search results: its quality (based primarily on rich content, number of quality backlinks, and social signals) and its relevance to the search term in question. If a factor doesn’t directly relate to those two criteria, then it has little effect on rankings, even if it’s in the algorithm. Typically these incidental factors are only tiebreakers, used when two pages of equal quality and relevance are vying for a spot.
  2. Most sites don’t necessitate such security: HTTPS is very valuable to certain kinds of sites. Those sites include financial institutions, e-commerce sites, and membership sites—basically any website that requires you to log in. If your business falls into that category, you should already be on HTTPS. For other types of websites, HTTPS provides no overwhelming benefit because you’re not asking users for personal information or transmitting that information anywhere, and that’s all HTTPS protects.

Translation: If your site didn’t need HTTPS before Google’s announcement, it doesn’t need it now. The incentive that Google has offered is just not substantial enough to justify the cost.

There is a circumstance where that could change in the future. Google is on a PR campaign to position itself as the shepherd of information privacy, promoting “HTTPS everywhere.” That’s disingenuous, because using HTTPS everywhere won’t actually make the Internet more secure—but what if a lot of people think it does? Then consumers would expect businesses to convert, and any site with vanilla HTTP would be perceived (wrongly) as suspicious.

So let’s hope Google’s campaign doesn’t fool too many people. Until then, use the protocol that best serves your needs—which, unless you have a user login, is good ol’ HTTP.