Traditionally, most ecommerce websites use SSL encryption technology to protect a shopper's personal information during the checkout process. While the checkout process is secure, all other traffic to the ecommerce website uses the old, unsecured HTTP protocol. This has been the common practice for about twenty years.
It's time for an upgrade.
Today, we're pushing for a safer, more secure internet by ensuring all pages, content, data...everything, on all 200,000+ online stores powered by Shopify can be accessed using SSL encryption. Not only will this ensure that no data could be intercepted as it goes over the network, but it will also help merchants build customer trust. This is the right thing for ecommerce in 2016.
To make this possible, we've issued and set up SSL certificates for every Shopify store. And because we feel this is important, we did it at no additional cost to existing or future Shopify merchants. You can now easily encrypt your online store by clicking "Activate SSL certificates" in your Shopify website builder. Once activated, all your traffic will be redirected from HTTP to encrypted HTTPS.
Build trust with your customers and Google
When a shopper visits your store for the first time, they look for cues that tell them it's safe to buy from you. The most powerful indicator that they can trust you is the padlock icon that appears when your online store is fully encrypted, and they look for it whether they're on your checkout or not.
But your customers aren't the only ones looking for that padlock. Google looks for it, too. In fact, they've made it clear that encrypting your website is good for SEO and could lead to a boost in your search position. You can read more about how Google handles encrypted websites here.
Learn more: A seamless checkout process, Shop Pay checkouts convert at a 1.91x times higher than regular checkouts.
What if I don't use Shopify for ecommerce?
We feel very strongly that the unsecured HTTP should no longer be used for any ecommerce traffic, whether you use Shopify or not. So we're joining Facebook, Mozilla, and Google to sponsor Let's Encrypt, an initiative that pushes for this new standard on all websites. If you aren't on Shopify, but you would like to use SSL encryption on all pages of your website, read more here.
How can I encrypt my Shopify store?
Buying and setting up SSL certificates used to be expensive and tedious. That's why we've done it for you, and made it completely free. With just a few clicks, you can fully encrypt your Shopify store, improving your store's security, increasing customer trust, and boosting your SEO.
Storefront SSL certificates are being gradually released to existing stores, and some store configurations aren't currently eligible. If SSL certificates aren't available for your storefront yet, check your Shopify Home or the Domains settings page again soon.
Still have questions? Join our free webinar on February 4, 2016 at 11am (EST).
SSL Encryption for Ecommerce: Common Questions
What is SSL encryption for ecommerce stores?
SSL encryption protects shoppers' personal information as it travels over a network, preventing data from being intercepted. For ecommerce stores, it covers all pages and content — not just checkout — so every interaction a customer has with the store is secured.
What is the difference between HTTP and HTTPS for ecommerce?
HTTP is an unsecured protocol that leaves store traffic vulnerable to interception. HTTPS uses SSL encryption to secure all data in transit. For ecommerce, running the entire store on HTTPS — rather than only the checkout — means customer data is protected at every point of their visit.
Does SSL encryption affect SEO rankings?
Google has confirmed that encrypting a website is a positive SEO signal and can lead to a boost in search position. Stores that serve all pages over HTTPS may see improved rankings compared to those still using unsecured HTTP.
How do SSL certificates get set up on a Shopify store?
SSL certificates are issued and configured automatically for every store on the platform at no additional cost. Merchants activate them by clicking "Activate SSL certificates" in the website builder settings. Once activated, all traffic redirects from HTTP to encrypted HTTPS across the entire storefront.
How does HTTPS build customer trust in an online store?
A padlock icon appears in the browser when a store is fully encrypted, signalling to shoppers that their data is safe. Customers look for this indicator across all pages — not just at checkout — making full-store SSL encryption a key factor in building purchase confidence.
Can non-Shopify websites use SSL encryption on all pages?
Any ecommerce website can move away from unsecured HTTP by using SSL encryption across all pages. Initiatives like Let's Encrypt, sponsored by organizations including Facebook, Mozilla, and Google, support this standard for websites regardless of which platform they use.
