From July 2018, Google will begin working towards a new milestone in internet security. The not-so-secret ingredient: websites not encrypted with SSL will be marked as unsecure. Anyone with Google Chrome version 68 installed will now see an unmissable mark in their browser, drawing their attention to the unsecure connection.

What’s more, the provisions of the EU General Data Protection Regulation (GDPR) came into force on May 25, 2018. And it didn’t take long for the first lawyer to come up with the bright idea of claiming compensation from a website operator because their contact form didn’t transmit the inquiry via https. The SSL certificate establishes visitors’ trust and ensures compliance with the GDPR – at least on this point. It’s also a good idea for Swiss SMEs to rely on a Business EV SSL certificate from the start, as this type of SSL certificate requires a more thorough and serious multi-step validation process and means that the authenticity of the company can be checked each time the website is loaded.

Until now, Google Chrome identified unencrypted websites using a neutral marker. Since version 62, however, the browser has shown a warning next to the entry fields of secure logins and forms that aren’t encrypted with SSL. With Chrome 68, from July 2018, Google will make it even clearer what users should expect from unencrypted websites: they’re ‘not secure’.

Which SSL certificate is right for private individuals?

Many websites are now encrypted, and our customers are in the vanguard. Hostpoint offered all of its customers free SSL certificates even before the official launch of Let’s Encrypt, making it the first web hosting provider to do so. Now, more than 100,000 FreeSSL certificates are in use among our customers.
Hostpoint’s FreeSSL certificates are a good solution for private website operators. However, these are only validated via the domain, which means that the certification authority is not checking who actually operates the website and whether or not they are trustworthy. Google Chrome is therefore planning to remove the green lock for purely domain-validated SSL certificates in September.

Increasing numbers of phishing websites are using https

Unfortunately, cybercriminals continue to adapt to these new possibilities. Security researchers have shown that many visitors to websites encrypted with https incorrectly assume that these are secure.

The number of phishing websites using https had already increased eightfold by the end of 2017. It is therefore even more important for companies to apply the highest possible standards of security and choose certificates that actually verify their company.

Why companies should use Business EV SSL certificates

Business EV SSL certificates that check the proprietor are the ideal solution for companies – a must for every commercial website. Their use clearly signals to visitors that the website has undergone a multi-step verification process and that its trustworthiness is guaranteed. With a Business EV SSL certificate, the extended verification is also easily visible by means of the green background on the address bar. The company name is also displayed clearly.

And that’s not all: while purely domain-validated SSL certificates (e.g. Let’s Encrypt certificates) indicate that the transfer of data between the website and its visitors is fundamentally secure, it doesn’t show whether the website that the visitor has accessed is actually that of the company they want. SSL certificates without an extended verification process regarding the owner therefore carry an increased risk of phishing. Website visitors are now used to trusting websites with green address bars – and, of course, those with clearly visible company names – more than those without.


With a Business EV SSL certificate, the browser address bar shows not only the URL but also the company name. The green color and the https signal maximum security and transparency.

Websites without SSL: Google punishes latecomers!

It’s high time to act, before the (in)security warnings in Google Chrome confuse or drive away website visitors. Google also rewards websites that demonstrate secure SSL encryption in its search results: encrypted websites gain better rankings in Google’s organic search index.

However, before a website or online shop switches from HTTP to HTTPS, it needs to check that the website can still be operated with HTTPS. How? Our Support Center offers a wide range of support articles covering the most widely-used CMS systems.

Almost two-thirds of internet users use Google Chrome – the two main competitors are losing ground significantly

Almost two-thirds use Google Chrome. More than 60% were using the Google browser to access the internet by May 2018. The other three competitors, Internet Explorer, Safari and Firefox, barely captured 10% of the market share each.


Graphic: Number of page views Source: statista.com, 2/7/2018

Hostpoint handles SSL certificate installation for its customers

With Hostpoint, installing SSL certificates is free and as simple as can be. Even Business EV SSL certificates can be requested with just a few clicks and are usually activated within a single working day. Hostpoint accompanies its customers through the verification process. The renewal process is also largely automated, making it as easy as pie.

One year free for company Business EV SSL certificates!

Is your business website still lacking a Business EV SSL certificate? We’ll provide you with greater security with an offer unbeatable anywhere in Switzerland: business customers who subscribe to a Business EV SSL certificate through Hostpoint will receive a whole year free of charge. After the first year, the EV SSL certificate costs CHF 12.00 per month. The minimum contract term is two years.

Google only wants websites with https from now on. Are you ready?

Claudius Röllin

Co-Founder & Chief Product Officer

0