Google’s Trusted Stores program isn’t compatible with encryption, the Wall Street Journal is reporting. The revelation flies in the face of Google’s public support of encryption.
Earlier this month we reported about Google’s plans to prioritize encrypted sites in search results. As we noted then, the ranking signal is fairly weak, so sites that Google deems higher quality will still show up higher in search results.
It was a small incentive to get websites to encrypt, but an important one. However, the fact that Google hosts an e-commerce program that isn’t compatible with encryption is a bit contradictory. Especially considering the rash of hacks on retailers in recent years.
Google’s Trusted Stores program rates participating stores based on their shopping experience and shipping expediency. Then Google issues the store a badge to display on each webpage of its site. The problem is, encryption blocks that badge.
“The Trusted Stores badge is designed to be suppressed and not show up on secure pages,” Google wrote to Christopher Heitman, co-owner of Pegasus Auto Racing Supplies based out of Wisconsin, according to the Wall Street Journal report.
Heitman has several times applied for a Google Trusted Stores badge and each time he’s been denied because he uses encryption across his site. The benefit of encrypting the entire site, rather than individual pages, is that it prevents certain types of cyber attacks wherein an attacker can use information entered on an unencrypted page, like a username and password, to gain access to other information.
Google says it’s developing a “workaround” to make the Trusted Stores badge compatible with encryption. In the interim, it seems pretty ironic that Google would launch a prioritization tool that rewards encrypted sites with higher placement in search results, while operating an honor program for online retailers that penalizes encrypted sites.