According to a survey that polled 1,324 people in the UK, web users were put off by seeing a “not secure” message attached to a website. This isn’t just about negative knee-jerk negative reactions, as the survey found that the flag affects both behavior and brand perceptions as well.
HTTPS has been a a ranking signal for Google since 2014, and since July 2018, Google marked HTTP sites as not secure in Chrome. “However, the survey found that 47 percent of respondents “knew roughly what the warning meant.” Another 46 percent said that they wouldn’t enter their names or financial information into an insecure site. 64 percent of that group would “instantly” leave the site.
There were other fears or concerns that include:
- Their device was exposed to a virus — 14 percent
- They had arrived on a fake version of the intended site — 12 percent
- The content was “unreliable and not fact-checked” — 9 percent
- Being signed up for spam email — 8.4 percent
The survey also found many people feared that their search histories would be sold.
Brand perceptions, with certain exceptions, were impacted negatively by the “not secure” warning. John Lewis, a UK retailer, didn’t suffer the same amount of negative sentiment as other known brands. This suggests the possibility that in a limited number of cases, brand strength and loyalty can overcome the impact of the not secure warning.
Due to the concerns about the warning, conversions are being lost due to the negativity the warning brings.
It’s implied by the results above that half of survey population wasn’t as concerned about the warning. The combination of HTTPS as a ranking factor and the adverse reactions of consumers to seeing the not secure warning create an imperative to adopt HTTPS encryption. There’s really no reason to not go HTTPS.
John Cabot observed that, despite this, “there are still millions of websites with the ‘not secure’ warning.”