Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


20170206 - New security alerts on Chrome 56

A few months ago we announced that Chrome was about to enhance its secutity requirements.

With Chrome 56 release on January 25, 2017, it is now a reality.

Google's browser - holding more than 50% of market shares - aims non secure forms collecting sensitive data such as personal data or payment information.

What we users see?

Everything is displayed in the url bar that now tells web users that he form, if not presented in HTTPS and containing payment information, is 'not secure'.

It comes with a legend: "Your connection to this site is not secure. You should not enter any sensitive information on this site (for example, passwords or credit cards), because it could be stolen by attackers."

PLEASE NOTE: It is NOT sufficient to place an HTTPS iframe inside a HTTP page; the top-level page itself must be HTTPS as well.

From the version 62 of Chrome which should be released on 24th October 2017, all forms (with or without payment information) will trigger this alert.

You are concerned?

Then you should install SSL certificates on your web tools and guarantee secure transfers of information via HTTPS.

There are lots of certificates meeting any needs and any budget. From simple standard certificates for showcase web sites to Extended Validation certificates (triggering the green URL bar) for e-commerce web sites, there is a solution for you.

TBS INTERNET also proposes free certificates (without ID validation) and valid 3 months (renewable).

What's next?

Those new alerts are only a milestone on the path toward security Google is on.

The next steps:

  • Non secure forms will be considered as dangerous and will trigger much hard-hitting alerts:
  • a similar alert for any non secure web sites (whether there is a form or not)

There is no defined deadline for now but November 2017 seems to be a possibility.

Other Chrome icons and their meaning

Neutral display for non secured websites

Site secured by a DV (Domain Validation) or OV (Organization Validation) SSL certificate

Site secured by an EV (Extended Validation) SSL certificate: The name of the certificate owner is displayed in the URL bar

Certificate error: there is a certificate but it there is an issue (it is expired or revoked for example)

Site considered as dangerous, source of malware or phishing attacks for example

Useful links