(2 votes, average: 5.00 out of 5)
With the evolution of web browsers, SSL trust indicators (padlock, SSl green bar, site seals, etc.) were bound to evolve, being a part of the browser. SSL trust indicators are visible symbols or markers on the browser that indicate the presence of an SSL certificate on the website you’re visiting and increase the customer’s trust.
Amidst these indicators, one has stood the test of time – the padlock icon. It remains a symbol of secure connections in the browser’s address bar. However, one SSL trust indicator gradually faded away from view in major web browsers like Chrome, Mozilla, etc. – the “SSL Green Bar” of trust. In this article, we will explore – What the SSL green bar was and the reason(s) that led to its disappearance.
SSL certificates come in various types, with validation levels indicating the depth of background checks on the website owner or the company that owns that website. EV SSL Certificates represents the highest validation level, where Certificate Authorities (CA) meticulously verify the legitimacy of the requesting company.
Websites equipped with Extended Validation (EV) SSL certificates used the green bar as an SSL trust indicator. When you visited an EV SSL quipped website, FireFox, Mozilla, Safari, and Chrome would turn the address bar green and prominently showcase the registered company’s name before the website URL.
Google’s decision to remove the green bar, as explained by the Chrome Security UX team, resulted from a comprehensive evaluation according to which the Extended Validation User Interface (EV UI) wasn’t fulfilling its primary objective of safeguarding users as initially intended and hindered the user experience more than it aided.
In lay terms, while expecting a heightened level of security due to the green bar, users sometimes encountered confusion or misconception of its significance.
Furthermore, in-depth security research conducted by Google’s experts unveiled that the green bar failed to provide the anticipated level of protection against phishing attacks.
With these findings – “It became apparent that malicious actors could exploit this perception of trust to their benefit.” In essence, despite its well-intended purpose, the green bar didn’t prove as effective as it had been envisioned and was discontinued by Google.
The first departure from the SSL green bar was initiated by Safari, followed by Google and other major browsers. Google bid farewell to the green bar with Chrome version 69 in September 2018, continuing to display company information in the address bar until Chrome 77’s release a year later.
The probability of the green bar’s resurgence in web browsers is “zero.” As previously mentioned, both Google and cybersecurity experts arrived at the consensus that the practice of displaying company information through the green bar had significant limitations and, in specific scenarios, could even pose a risk to users.
Hence, browser developers and other authorities decided to terminate it. Currently, no news indicates any chance of a resurgence (revival) of the SSL green bar trust indicator.
With the SSL green bar gone, modern web browsers have shifted their focus towards more robust and user-friendly security measures, such as emphasizing the presence of an SSL certificate (encryption) and providing a clear warning when websites lack proper security protocol (HTTPS) or SSL.
Even though the green bar that used to indicate the existence of an EV certificate is no longer present, having one is still advantageous for businesses and enterprises as it reassures users of their website’s legitimacy.
Although the way we communicate company information has changed, it still exists and requires a few extra clicks to access that information. Users can smoothly do it by clicking on the padlock symbol in the address bar. This will provide them with more information about who has registered the SSL and owns the website.
When you search for SSL on Google, you’ll find many websites promoting the benefits of an EV SSL’s green address bar. However, some of these websites might be outdated, or they may not have updated their SSL details. Whatever the reason, for those new to SSL, the presence of the green bar can be confusing when researching SSL options.
While the SSL trust bar once played a pivotal role in raising awareness about web encryption, it has now gracefully exited the stage, making way for new security practices. As most websites already have an SSL certificate, the new focus is on cautioning the website visitors, if they visit a site that does not have an SSL or uses the HTTPS protocol, indicating that it’s not secure.