A compelling reason to move to https? "Direct" traffic on the rise
Our race to measure, understand and develop digital marketing strategy from website traffic data is never-ending and it usually has one goal: ROI. Be it a financial return or brand awareness, the effort to understand traffic should be focused on studying people’s behaviour and user journeys rather than a reflection of the idiosyncrasies of the analytics programme you’re using.
Conversely, search engines like to – and must – change their algorithms regularly, sometimes at short notice but more often without any notice. Sometimes these changes leave digital marketing professionals pulling their hair out, as was the case back in 2013 when Google stopped passing data about the search terms people used when delivering organic search traffic to your website.
That change was intentional on the part of Google, but we’re observing a clear new threat to the ability of digital marketers to analyse their website data, which is unintentional and has received very little online coverage. Here’s what you need to know.
HTTPS and the loss of referral data
Google’s call for “HTTPS everywhere” and declaration that https is now a ranking signal has had a noticeable impact on how website traffic is recorded and categorised in analytics tools, if not the absolute volume of traffic itself. All other things being equal, you might have seen two related trends in Google Analytics (or whatever analytics solution you use):
- A rise in ‘direct’ traffic to your web properties
- A fall in referral traffic
If your website is non-secure (http:// rather than https://) there’s a simple reason for this observation.
When someone clicks a link on a secure website (https://) that takes them to a non-secure (http://) website, web browsers DO NOT pass data about the referring source of that visit to the non-secure website. This is a part of the HTTP technical spec due to concerns about privacy and data protection.
This https to http blockade prevents analytics software such as Google Analytics from being able to detect where that visitor came from, so they record the visit as direct traffic rather than referral (where you would see the referring website listed).
The only way to prevent this issue and capture accurate referral data is to migrate your entire website from http to https.
Hopefully this handy little “infographic” helps convey what does and doesn’t get captured:
When it comes to explaining this trend to stakeholders, as long as the rise in ‘direct’ traffic corresponds to the fall in ‘referral’ then at least you can presume that all is well – however you will no longer be able to say for certain where traffic is coming from, nor make intelligent decisions about the value of coverage and links from external sites.
The list of websites served from https is growing rapidly
Data from builtwith.com demonstrates that within the top 1 million websites as measured by Quantcast, there’s a rapid rise in the percentage that are “SSL by default”. Although currently only representing 4.7% of the top 10,000 websites and 2.8% of the top 1 million, the percentage of websites served entirely from https has increased by 68% in the last 12 months alone.
Popular websites that now default to https include:
Some of these websites including Google+ have taken steps to ensure referral data is still passed, by sending external clicks via a special non-secure page. However, it’s clear that this trend is having an measurable impact – for some clients with non-https websites we’re seeing a year-on-year drop of 20%+ of referral traffic and a corresponding increase in ‘direct’.
Is it time you moved to https?
The impact of “https as a ranking signal” has been minimal at best (as of May 2015), and many brands have made the decision that the investment required to change to https isn’t worth any hard-to-quantify SEO benefit.
However, with the growing user expectation of a “secure web” and the loss of actionable insight available from web analytics tools, is it time you reviewed your priorities?
As of today, Further.co.uk is now https by default.