Decrypting Google’s HTTPS Security Carrot

By Winston Burton; VP, SEO

Originally published at MediaPost

Maybe the folks at the National Security Administration know the long-term motives behind Google declaring that websites’ use of HTTPS will now be an organic search ranking factor, although an extremely small one. After all, if any entity could scan Google’s internal emails — the way the company itself does with Gmail — it would be the NSA.

In the meantime, SEOs are left to ponder the consequences of Google’s adding HTTPS encryption to its approximately 200 search ranking signals. It’s eerily reminiscent of the company’s move a while back to add the speed at which web pages load to its algorithmic bag of tricks. After all, how do security and speed relate to content authority and relevance.

The bottom line for now is that SSL/HTTPs is a lightweight signal that will have little impact on increasing search engine rankings. How lightweight? Google says that using SSL/HTTPs has affected “less than 1% of global queries.”

Sites that have high quality content, good domain authority, fresh content, quality links, social endorsements and provide a good user experience will continue to rank highly in Search Engine Results.  For sites that already secure the entire domain and protect personal information (banks, financial institutions etc.) this modification may provide a small boost in search engine rankings. In practice, this signal could most likely be used in a tie-break ranking situation more than a general indication of quality or popularity. It’s not likely that a “tier 1” indexed result will have a “tier 2” result leapfrog over it due to a slight difference in protocol.

Having said this, there is no reason to rush to heed Google’s latest policy edict, which is actually more of a request at this point. The reality is, when it comes to providing its users with exactly what they are looking for, consumers don’t perceive Google as underrepresenting major brands and the most popular sites on the web. But Google does not own the World Wide Web, nor does it have access to all of its content. So it can request, suggest or even tease with a “ranking carrot,” but the democratic element of the Web is free to lose/use the protocol of choice.

SEOs would be advised to conduct keyword research on the most popular 100 queries at Google and the top 100 websites for those queries, and see how many quickly make the change to SSL. Sites that already have SSL/HTTPs on a portion of their web pages will probably not experience a lift in search engine rankings. Since Google’s mission is to make the entire web secure, all of a site’s web pages (entire domain) must be secure and not just the shopping cart page and checkout pages. Once the entire domain is secure, this may help increase visibility to a small degree.

One fear is that websites may experience a decrease in rankings in the switch from HTTP to HTTPs once redirects have been set up. Such sites may experience a small decline in traffic depending upon when Google crawls them and indexes the new URLs. For a big site with thousands of pages, it could take time for Google to crawl and index the new pages that are secure. In this case, it’s a good idea to create a new XML sitemap to inform Google about the new URLs so the engine can find and index them.

For sites that are already in the process of a total redesign/redirect exercise, it may be worthwhile to consider securing the entire site to go to HTTPS.  Incorporating HTTPs/SSL into the redesign or redirect project could yield an increase in search engine visibility, and the risk of loss of existing rankings, traffic, links has already been considered into the equation.

Otherwise, just sit tight and adhere to the adage “If it ain’t broken, don’t fix it.”

Comments