In previous updates, the browser had already begun to mark critical HTTP pages — like those that collect bank and personal information — as “not secure.” But to move toward its goal of assumed security on its browser, Chrome announced today that it plans to begin removing the “Secure” marker on HTTPS sites this September and begin marking all unencrypted sites with a red “Not secure” marker this October.
Previously, according to Chrome, the number of HTTP sites across the internet was too high to feasibly mark all of the encrypted sites in this way, but with the increase of secured sites in the last several years, this feat has become more reasonable.
According to a Chrome Transparency Report that tracks encryption use on the browser between 2014 and 2018, the browser’s traffic from Android and ChromeOS have both seen increases in encryption rates (up to 76 percent protected from 42 percent for Android traffic and 85 percent protected up from 67 percent for ChromeOS.) The report also states that since 2014, when only 37 of the web’s top 100 sites on the browser used HTTPS as default, the number of protected top 100 sites in 2018 has risen to 83.
While these security updates from Chrome don’t appear to be a direct reaction to the security hacks in recent months, they are timely. Security, especially online, has become a particularly barbed topic following a number of bank, healthcare and election hacking incidents around the world.
“Secure” sites can’t ensure that your information is impenetrable, but Chrome says it plans to make continuing efforts in this space to ensure that its users have the most secure browser experience possible.