Google is encouraging website developers to make their sites secure for visitors by using site encryption as one of the factors to determine search ranking.
The company is urging website developers to adopt HTTPS, a form of website encryption that secures data send over the Web, to protect user data from hackers.
“Over the past few months we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms,” the world’s No. 1 search engine operator said on a blog post.
The search engine has been testing highlighting pages that have HTTPS encryption by default, and will now roll out across its algorithms.
“We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal,” Google said.
The decision could encourage more sites to turn on encryption, which makes them less vulnerable to hacking.
Encryption is used to digitally scramble data as it passes between a user’s device and an online service in order to prevent others eavesdropping on the information.
It is used by many, but not all, sites that show a little padlock and use a web address beginning HTTPS. The “S” stands for secure.
But for many firms across the web, adding encryption has to this point been an additional burden in terms of time and costs.
Only a ‘lightweight signal’
Google said that – for the time being – whether a site was encrypted or not would not be a crucial factor in how they ranked sites.
“For now it’s only a very lightweight signal – affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content – while we give webmasters time to switch to HTTPS,” Google’s Zineb Ait Bahajji and Gary Illyes said in the blog post.
“But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.”
David Drummond, Google’s chief legal officer, has previously said the US needed to change its approach to intelligence to restore trust in the internet.
In 2011, Google introduced HTTPS by default on its popular Gmail service. Rival Yahoo moved all its users’ data to secure servers in March 2014, and Facebook committed to secure browsing by default since July 2013.