Google to replace Chrome's HTTPS lock icon in September
Google has announced that it will replace the HTTPS lock icon in Chrome. It wants to bring a new icon as part of its redesign that is set to arrive in September.
Why is the HTTPS lock icon so important?
As you may know, an HTTPS connection ensures that the channel is secure, i.e. the browser's connection to a web page cannot be eavesdropped upon by hackers. An HTTP page on the other hand is generally unsafe as it could be redirected to malicious web pages. The HTTPS protocol is widely employed by websites, Google says over 95% of page loads on Windows are over HTTPS channels. The Silicon Valley mogul had pushed the use of HTTPS widely, and had warned websites that it would rank non-HTTPS sites lower in search results, which helped the adoption of the protocol.
There are a couple of ways to tell when a connection to a website is secure. One is to check the prefix of a URL, if it starts with HTTPS or not. A simpler way is to look at the lock icon next to the address bar, if it shows a padlock the connection is using a secure channel. Some modern browsers have a dedicated site details button sort of like a shield icon, clicking on which provides more details about the connection to a website, but that's a different story.
Why is Google replacing the HTTPS icon?
So, if the HTTPS icon is useful, why does Google want to replace it? The Mountain View company says that the icon is a remnant of the past, where HTTPS was not commonly deployed by websites. Google says that the HTTPS lock icon is often misunderstood as representing a website's trustworthiness. A study conducted by the search giant in 2021 revealed that just 11% of participants in the research had actually understood what the lock icon meant.
In other words, people assumed that a website was safe to use because it had an HTTPS connection. The company reveals that it is far from the truth and that even hackers are using it, nearly all phishing sites use HTTPS. This will of course display the lock icon, which is exactly the landmine that it wants to sidestep. Even the FBI published a paper where it advised users that the HTTPS lock icon is not a safety sign.
Google began experimenting with the HTTPS icon in 2021, when it replaced it with an arrow button. The experiment was apparently successful and didn't cause any confusion among users. Here's what it looked like.
But, the company decided to go with a different style.
What is the new icon in Chrome?
The new HTTPS button is a tune icon that has been redesigned slightly. Google says that the new button is a neutral indicator that will avoid the confusion and security risks that were caused by the lock icon.
How will this help users? Functionally, the buttons are the same. But the company says that the tune icon does not imply that a website is trustworthy. The aesthetics are quite similar to settings in other apps, which will help users understand that it is clickable. This will in turn engage user interaction, so they may click on it to check the site details, and permissions. Google says the new icon will launch with the redesigned interface in Chrome 117, which is scheduled to be released in September 2023.
If you want to see what the new HTTPS icon looks like and experiment with it, you can install Chrome Canary, by testing the 2023 redesign. You can find the steps for enabling it in Martin's article.
On a sidenote, Google Chrome for iOS has been updated to version 113. It now lets you translate text by selection.