Be warned: you’re going to lose form conversions if you’re still using the HTTP protocol instead of the secure HTTPS protocol.
That’s because Chrome 86 will issue warnings to users if they’re filling out insecure forms. And those warnings will have an impact on whether or not the users complete the forms.
Let’s take a deep dive into what we know about the new feature in Google Chrome 86.
When It’s Happening
If you’re still working with insecure forms on your site, you have some time to get the problem fixed. But not much time.
Google Chrome 86 goes into beta no later than September 10. That’s when people start testing it.
It should go into release at the beginning of October.
When that happens, all users who update will see warnings about insecure forms.
What Are Those Warnings?
The warning starts with these words: “This form is not secure.”
Well, that makes sense, doesn’t it? Forms that don’t use the HTTPS protocol will transmit data over the wire that snooping third-parties can see.
You don’t want that if you’re using the form to transmit sensitive info, such as Social Security numbers and credit card numbers.
But the warning doesn’t stop with those ominous words, highlighted in red. Chrome also tells users that autofill has been turned off.
So the browser won’t just display a warning. It will also take action.
Or, in this case, it will take inaction.
Lots of folks like having parts of their forms filled out automatically. Who enjoys typing the same name, address, and phone number over and over again?
Chrome assists people who fill out common form fields by pre-populating them with data it already knows about its current user. That’s a nice to have.
But if those fields aren’t prepopulated, people are more likely to bounce away before completing the form. Especially if they see a statement that says the form isn’t secure.
Oh, by the way, the warnings don’t end there. Users who fill out the form manually and submit it will receive yet another warning.
They’ll see a popup that says “The information you’re about to submit is not secure.” That’s followed by a subheading that reads: “Because the site is using a connection that’s not completely secure, your information will be visible to others.”
Users get the option to click “Send anyway” or “Go back.”
Yeah. That’s a conversion rate buzzkill if ever one existed.
Previous Warnings
In the past, Chrome just put a broken clock icon in the browser bar to indicate that the form wasn’t secure. That was bad enough.
But that was easy to miss. Apparently, Google realized it and opted for the in-your-face warnings we’ll soon see.
It’s possible that Google is avoiding litigation with this move. The company doesn’t want to get sued if people send sensitive data in cleartext.
I wouldn’t be surprised to learn that people already tried to sue Google for something like that.
How to Move to HTTPS
If you’re still using HTTP, you probably want to make the move to HTTPS after reading this. That’s a good thing.
You can get the ball rolling with the secure protocol by purchasing an SSL (Secure Sockets Layer) certificate. Fortunately, they aren’t that expensive these days.
Once you’ve got that certificate, you’ll have to get with your development team to get it installed on your server and work for your site.
Then, you can use forms as much as you want. You won’t have to worry about the warnings from Chrome 86.
The secure HTTPS protocol also offers limited SEO benefits. So you have that going for you if you decide to make the switch.
Wrapping It Up
Google is taking data security seriously. So should you.
If you haven’t yet made the switch to HTTPS, why not get the ball rolling today?
