Boost your SEO with HTTPS
Google just announced that as well as using over 200+ factors they'll also be using SSL/TLS to rank your website
Google just announced that as well as using over 200+ factors they'll also be using SSL/TLS, the encryption system used to secure communication between websites and their visitors via HTTPS, and they'll be giving this up to 1% weight, with the potential for that weight to increase in the future.
HTTPS is a good thing, it prevents eavesdropping on website traffic, safeguarding things like login credentials and personal data and it also prevents more direct attacks such as man-in-the-middle attacks where a third party intercepts the communication between server and client and is able to appear to be something they are not; either the client or the server.
The way Google have made this part of the ranking signal is smart to be fair, it will certainly drive action, but why are they cracking the whip on this particular issue? After all it is widely known that Google also uses website speed as a ranking factor, yet HTTPS transactions can be slower than their HTTP equivalent. Website speed directly drives Google's overheads in that slower websites take longer to spider, so you need more servers to spider any given size of web in any given time, so this must be really really important to them.
It's also unusual for Google to quantify the weight attributable to a single factor - as well as hint that it might be given more weight in the future. The 1% is definitely the 'stick' with the promise of further benefit being the 'carrot' - one that for me may never materialise if Google drive enough take up of HTTPS with the stick alone.
In fact, it wouldn't surprise me to see this melt into "it's just one of over 201+ ranking factors we use" down the line, with nobody understanding what if any weight Google are giving HTTPS following its widespread adoption.
So for kicks, let's speculate about why Google is so keen on HTTPS:
1) Google are altruistically acting in the best interests of everyone. Despite the fact that many of their websites still run on unencryptyed HTTP including all Blogger sites, they're mandating that you and I use SSL to move us towards a safer web. It's another case of do as we say and not as we do, that's all.
2) Google has an angle? But if so, what could it be? What could Google gain from HTTPS becoming the defacto communication protocol in place of HTTP?
Well, anyone selling SSL certificates will gain over the next 12 months I expect. I don't believe Google offers SSL currently though worthy of note is that 'Google Domains' is currently in private beta. So, if SSL certificates could be offered via Google Domains and issued at REALLY competitive prices, or possibly even free of charge to domains on the Google Domains IPS TAG (check out what Cloudflare are doing with their own Certificate Authority), that would drive either SSL certificate sales revenue, or if free, substantial domain renewal income on the domains that moved to the Google Domains Tag for the free certificates?
And what about the bunfight trying to market SSL certificates amongst the vast number of other Certificate Authorities and their Resellers? An SSL provider could conceivably throw more money at Google Adwords to capture all these new "buy SSL certificate" type searches, so it's also conceivable that AdWords revenues might also get a nudge upwards.
Finally, there may also be a smaller opportunity for Google in Analytics and Adsense. Google Analytics is SSL ready today; making it an option where incumbent logging scripts can't be used over SSL (non HTTPS page assets trigger disconcerting warnings, even if the main page is protected using SSL).
For the same reason, any third party Ad scripts would also need to be called over HTTPS. Like Google Analytics, Google's Adsense offering is also SSL ready, potentially making it a goto option where third party scripts won't work with SSL.
Of note, your ISP is now also partially locked out of data it could have exploited previously, since connections between client and server on HTTPS are encrypted. To what extent this offers a competitive advantage to Google I'm unsure, but locking people out of data could conceivably increase the value of any data sources which remain.
But who knows. This is all pure speculation on my part; there could be several 'land grabs' taking place here, or none at all.
Nevertheless, and stepping back from the 'evilness' of any of this, the problems faced by Webmasters in implementing SSL correctly, and particularly in implementing it cost-effectively should not be dismissed. This is another topic entirely, perhaps one for a later post.