According to Chrome, the lock icon that represents a secure HTTPS connection will soon be replaced by a more neutral icon that they say will provide a better user experience.
Research shows that the current lock symbol is deliberately deceptive and creates security problems, which is why it is done.
Why does the HTTPS lock icon disappear?
The lock icon is an artifact of a time when secure connections were the exception rather than the norm.
Users can rely on the green lock icon to remind them that the connection was secure.
In the past, it was generally understood that only financial and e-commerce sites required a secure connection, and sites that did not process transactions did not need to have secure connections.
But old attitudes changed when Google and other companies began encouraging publishers to use secure connections to improve user privacy and security.
Google eventually went so far as to make secure HTTPS a ranking factor, prompting naysayers who still argued that HTTPS was pointless for non-business.
Chrome’s announcement explained:
“HTTPS was originally so rare that at one point, Internet Explorer popped up an alert to users to notify them that the connection was secured by HTTPS, reminiscent of the “Everything’s Okay” alarm from The Simpsons. When HTTPS was rare, the lock icon drew attention to the additional protections provided by HTTPS.
Today, this is no longer true, and HTTPS is the norm, not the exception, and we’ve been evolving Chrome accordingly.”
The lock icon is Misleading
It may seem counterintuitive, but Google research found that the lock icon lulls users into a false sense of security.
A lock icon does not mean the site is secure. It simply means that the connection is made using a secure protocol.
Users mistakenly assume that a lock icon means a website is secure and therefore automatically trust the website they are visiting.
This is a potentially harmful concept, as phishing and malware sites usually display a lock icon.
Google research shows that consumers still associate the lock icon with security.
“We redesigned the lock icon in 2016 after our research showed that many users misunderstood what the icon conveyed.
Despite our best efforts, our research in 2021 showed that only 11% of study participants correctly understood the precise meaning of the lock icon.
This misunderstanding is not harmless — nearly all phishing sites use HTTPS, and therefore also display the lock icon.
Misunderstandings are so pervasive that many organizations, including the FBI, publish explicit guidance that the lock icon is not an indicator of website safety.”
Lock Icon De-emphasis
Chrome has played down the importance of the lock icon for the past five years, starting in 2018 when they proposed replacing the icon.
Previously, the word Secure was visible written in green.
The proposal was to delete the word.
Here’s a screenshot from the Chrome blog post:
Removing the lock icon can be seen as a part of the natural evolution of the web and what users need.
New HTTPS Tune Icon
Google is updating the HTTPS icon to more accurately indicate a site’s HTTPS status as secure, but not inadvertently secure.
The new icon is the so-called settings icon.
Google Fonts shows these as examples of tune icons:
And this is the new icon that Chrome will feature:
Chrome’s statement explained the reasons for choosing a tune icon:
“We think the tune icon:
- Does not imply “trustworthy”
- Is more obviously clickable
- Is commonly associated with settings or other controls”
Chrome will still warn users when the connection is secure.
The redesigned icon will be released in Chrome 117, which is currently scheduled for release in September 2023.
Chrome has announced that the change is planned for both the desktop and Android versions of Chrome.
They remove the icon completely from the iOS version of Chrome because the icon cannot be tapped.
Looking for SEO services?
