24+ SSL Statistics To Secure Your Browsing in 2024
WHAT WE HAVE ON THIS PAGE
SSL Statistics: Everything can be done online nowadays, from ordering laundry detergent to paying our taxes with a click. However, doing so typically involves disclosing some sort of personal information.
This leads to the following question: How safe is the internet?
SSL (Secure Sockets Layer) Certificates and SSL statistics come into play. Digital certificates were created in the middle of the 1990s and ensured authenticity, non-repudiation, confidentiality, and integrity of all online communication on the internet.
But there is a catch.
They were not mandatory. At least not until recently. The news is that different browsers such as Mozilla and Google Chrome are working harder to block uncertified websites as much as possible. The results are precise: the internet is now more encrypted than ever.
TSL And SSL (Strengths and Weaknesses)
TLS
Strengths
-
- Enhanced Security: TLS is the updated, more secure version of SSL. It uses stronger encryption algorithms and has the ability to work on different ports.
- Widely Adopted: TLS is widely supported and is the standard security technology for establishing an encrypted link between web servers and browsers.
- Versatile: It is used not only for secure web browsing but also for email privacy, securing VoIP, and more.
Weaknesses
-
- Complexity: Implementing TLS can be complex due to the vast number of options and configurations.
- Performance: Encryption and decryption processes can potentially slow down the performance of web services.
- Backward Compatibility: Some older systems might not be compatible with the latest versions of TLS, potentially leading to security risks if older versions have to be used.
SSL
Strengths
-
- Proven Track Record: SSL has been around for a long time and has a long history of protecting data in transit.
- Simplicity: SSL is relatively straightforward to implement with plenty of documentation available.
- SEO Benefits: Search engines favor HTTPS-encrypted websites, which relies on SSL/TLS protocols, often leading to better search engine rankings.
Weaknesses
-
- Outdated: SSL is considered outdated and less secure compared to TLS. Newer versions are not in use, and SSL 3.0 has been deprecated.
- Vulnerabilities: SSL has known vulnerabilities like the POODLE attack, which led to its deprecation in favor of TLS.
- Limited Capabilities: SSL lacks some of the advanced features and flexibility that TLS offers, such as the ability to negotiate which encryption method to use.
Editor’s Choice
- Despite being outdated, 8% of top websites maintain compatibility with SSL 3.0 and SSL 2.0 protocols.
- A vast majority of Chrome users’ browsing time, 93.2%, is on secure HTTPS pages.
- There’s still room for growth in HTTPS adoption, with 21% of the top websites not using it.
- Chrome has seen an increase in secure page loads, with 89% of pages served over HTTPS as of January 2021.
- Over 156,000 SSL certificates are tracked across the internet.
- Over half of websites exhibit some form of insufficient security.
- A small group of 9 authorities issues 77% of all certificates found online.
- Let’s Encrypt remains the most popular authority with a vast majority of all issued certificates at 58.21%.
- 1 in every 10 URLs poses a security threat.
- A significant portion of sites, 68%, still offer support for the older TLS 1.0 protocol.
- The Certificate Authority market is expected to hit USD 114 million by end of 2024.
- The majority of online shoppers, 85%, steer clear of websites that are not secured.
- The number of SSL certificates has seen significant growth, with over 292 million detected on the Internet by the end of 2023.
- The Certificate Authority market is on an upward trajectory, expected to reach USD 282 million by 2028.
- A majority of SSL certificates, 94.3%, are for Domain Validation, which is the most common type of certification.
- Despite the prevalence of SSL certificates, 36.3% of sites have been marked for inadequate security practices.
- Adoption of the latest TLS 1.3 protocol has reached 62.1% of surveyed sites.
- Alarmingly, over 90% of phishing websites have been reported to use HTTPS, which includes SSL certificates.
- In terms of paid SSL certificate services, IdenTrust holds the largest market share at 53.5%.
- However, it’s worth noting that a significant percentage of top companies have received failing grades for their SSL/TLS implementations, with 32% of US companies and 16% of European companies not meeting standards.
You May Also Like To Read
- Cloud Security Statistics
- VoIP Statistics
- Web Design Statistics
- Networking Statistics
- Spam Statistics
- Phishing Statistics
- Hacking Statistics
- Data Breach Statistics
- Chinese Cyber Attack Statistics
Interesting SSL Statistics and Facts
Let’s start with some of our most exciting SSL statistics.
#1. 6.8% of the top 100,000 websites still support SSL 3.0 and SSL 2.0.
The percentage of websites that continue to support SSL 3.0 and SSL 2.0 is another interesting finding from the research. Despite the calls from various industry and regulatory groups to abandon these versions, 6.8% of the top 100,000 websites still support them.
TLS 1.3 is currently accessible and widely used; this statistic is surprising. In addition, SSL 2.0 and SSL 3.0’s heyday has long passed; thus, depending on them for encryption would leave your website more vulnerable to attacks. (Source: WatchGuard)
#2. Chrome users spend 93.2% of their surfing time on HTTPS pages.
This statistic represents the average browsing time across all supported platforms of Chrome. As we can see, it is much higher than the percentage for loaded pages. If users discover a website is not secure, they are more likely to leave it immediately.
Even more minor is the difference between platforms. Mac and Chromecast are the leaders with 97% and 98%, respectively. Linux comes in last with 86%, while Windows and Android both have close to 94%. (Source: Google’s Transparency Report)
#3. Nearly 21% of the top 100,000 Alexa-ranked websites still don’t use HTTPS.
WatchGuard’s Q3 of 2018 Internet Security Report shows that 20,911 of the top 100,000 websites still use insecure HTTP. A website owner who is serious about protecting their site’s security should not share plaintext over port 80, instead of connecting securely through port 443. At least not according to current standards.
The good news is that things are gradually progressing toward a totally encrypted internet, even though 20% or more is a significant percentage that shouldn’t be ignored. Considering HTTPS usage statistics, an adoption rate of 79% is not alarming. (Source: WatchGuard)
#4. 68% of sites still support TLS 1.0.
TLS 1.3 is the current version. Most experts agree that it is best practice to avoid supporting SSL 3.0 and SSL 2.0 because these versions are regarded as insecure and vulnerable to known exploits such as DROWN and POODLE. TLS 1.0 is also in danger of the same fate, as it is pretty old. TLS 1.1 and TLS 1.0 are anticipated to be discontinued by 2021.
The PCI SSC (The Payment Card Industry Security Standards Council) mandated that TLS 1.0 be disabled by eCommerce website owners by June 30, 2018.
According to recent SSL statistics, 68% of surveyed sites still support TLS 1.0, 1.9% supports SSL 2.0, and 7.6% maintain SSL 3.0 protocols. Additionally, TLS 1.1 is also used by 77.4%. TLS 1.2 is the most popular and supported by 95.2% of websites. Only 14.2% of websites supported TLS1.3 as of May 2019. This should change in the near future. (Source: SSLlabs)
#5. As of 2023, more than 90% of pages loaded in Chrome are served over HTTPS, reflecting a continued commitment to securing web traffic and user data across the internet.
Google has been collecting HTTPS statistics since 2015, thanks to users who generously clicked “Yes” when asked if they wanted to share their surfing information. As of 2023, the average HTTPS traffic on all platforms was 90%.
In April 2015, the average was only 40%. Since Google began collecting data, the percentage has increased by double.
Chromecast is the most popular, with 97% of HTTPS-loaded web pages. The number varies between platforms, but the average is nearly 90%. Only Linux is lagging with 77%. (Source: Google’s Transparency Report)
#6. In 2022, BuiltWith discovered 176,577,458 SSL certificates on the internet.
That’s a significant rise in the number of certificates from the previous year! The top 1 million most frequented websites had 1,978,650 detected certificates. There were 266,218 detections in the top 100,000 sites and an additional 33,496 in the top 10,000 sites. The United States discovered 59,205,148 certificates, followed by German sites with 5,533,981 certificates and United Kingdom sites with 5,363,259 certificates. Guinea-Bissau came in last, with just 11 certificates for the whole country.
However, the significant numbers in no way imply that the entire internet is encrypted and safe. (Source: BuiltWith)
#7. SSL Labs claims that 53.5% of websites have insufficient security.
Based on Alexa’s ranking of the top websites in the world, SSL Pulse is a project that regularly collects TLS and SSL statistics from 150,000 websites. On August 4, 2021, the most recent study that was made public covered over 136,000 websites.
The survey found that 53.5% of websites (or 72,899 sites) have insufficient security. 32.3% of sites received an A grade. Another 14% of the websites in the survey deserved an A+ grade, indicating that they are fully encrypted and secure. In addition, only 174 sites, or 0.1% of websites, received an A- grade.
(Source: SSLlabs)
#8. Mobile devices account for 35.4% of Google’s unencrypted user traffic.
Over 70% of unencrypted traffic was generated by mobile devices last year; this is arguably the most significant change. Mobile devices are currently in better form than desktops, demonstrating that smartphones are finally receiving the attention they deserve.
(Source: Google’s Transparency Report)
SSL Certificate Authorities Statistics
Supporting encryption is essential, but that is not all. It is equally important to know who will guarantee the validity of your certificates. Let’s take a closure look at statistics on certificate authorities.
Historical patterns in the usage stats of SSL certificate authorities for sites since July 2021
The chart shows just SSL certificate authorities with over 1% usage.
Summary of SSL Certificate Authorities statistics
- Let’s Encrypt leads with over 58% of all issued certificates.
- The top six Certificate Authorities issue 90% of SSL certificates.
- The Certificate Authority market is expected to grow to $282 million by 2028.
- Domain Validation certificates represent 94.3% of all SSL certificates.
- A significant portion of websites, 36.3%, do not follow the best security practices.
- 62.1% of sites support the latest TLS 1.3 protocol.
- Over 90% of phishing websites use HTTPS.
#9. 95.77% of all certificates available online are issued only by 9 authorities.
All other certificate authorities are less than 1% market presence. Trust is essential when it comes to encryption. These nine authorities have demonstrated themselves to be reliable and trustworthy.
Amazon ranks outside the top 9 sites with 0.84% of all granted certificates, which may surprise. (Source: Censys)
#10. As of November 2023, Let’s Encrypt reported approximately 301.1 million active certificates, 372.8 million active fully-qualified domains, and 115.9 million active registered domains.
As of November 2023, Let’s Encrypt has recorded significant numbers in their service usage. There are about 301.1 million active SSL certificates in circulation. This means that over 300 million websites or services have current security certificates from Let’s Encrypt to keep their connections secure. Additionally, there are roughly 372.8 million fully-qualified domain names that are actively secured by these certificates, indicating a wide-reaching effort to protect internet domains.
Moreover, 115.9 million registered domains are actively using Let’s Encrypt’s services, showcasing the trust and reliance on their system to safeguard web traffic. This demonstrates Let’s Encrypt’s extensive role in enhancing internet security by providing SSL certificates to a vast number of domains globally.
#11. Let’s Encrypt issued 3.16 million certificates daily in July 2021.
The month was the best for Let’s Encrypt to date. Just 5,712 certificates were issued by the Authority on January 2, 2015, to put things in perspective.
Let’s Encrypt’s success is because it is a free service. The platform is open source, and the procedure is automated, making it simple to use. The objective is to increase security on the internet. (Source: Letsencrypt.org)
#12. Let’s Encrypt is the most widely used certificate authority, with 58.21% of all issued certificates.
Regarding SSL usage statistics, Let’s Encrypt is the undisputed champion. The authority supported more than 169 million fully-qualified domains as of May 2019. It is also responsible for over 98,072 million active certificates and more than 51 million registered domains.
CloudFare comes second with over 41 million issued certificates, or 12.21% of all SSL certificates. They are followed in popularity by cPanel (9.53%) and DigiCert (4.46%). Sectigo is the following famous authority with 3.15% and GoDaddy with 2.43% respectively. (Source: Censys)
SSL Certificates Market
The SSL certificates industry is anticipated to expand quickly as browsers push for complete encryption. These Secure Socket Layer statistics will prove it.
#13. The total number of certificates grew by over 13.2 million from June 2017 to June 2018.
This was a remarkable 68% increase in YOY growth. Although Extended Validation (EV) increased by an incredible 21.1% and Domain Validation (DV) still made up the majority of 80%.
Currently, DV continues to dominate the market, accounting for 94.30% of all certificates. OV (Organization Validations) accounts for 5%, whereas EV accounts for just 0.7%. However, the figures alter when we examine the traffic share by certificate type. 49% of all the traffic goes via websites that have OV, 37.9% via websites that have DV, and 13.2% through websites with EV. (Source: TheSSLstore)
#14. In 2024, the Certificate Authority market is anticipated to reach USD 114 million.
The Zion Market Research’s report shows that Certificate Authority’s market value was approximately $57 million in 2017. Surprisingly, it is projected to increase at a CAGR of slightly over 10.18% and double by 2024. This is true even though free certificate authorities like Let’s Encrypt have emerged. (Source: GlobeNewsWire)
#15. For paid SSL Certificate services, IdenTrust has a 53.5% market share.
Let’s Encrypt is the most well-known authority with the most significant number of active certificates and extensive use. However, regarding paid services, SSL stats for 2021 show that IdenTrust is the clear leader with a market share of 53.5% as of that year. This is a slight increase from the previous year.
DigiCert Group overtook Sectigo for second place with a market share of 19.3%. With 16.8%, Sectigo is right behind it, showing that both providers’ market shares have grown since the previous year.
A w3techs survey found that IdenTrust is used by nearly 36.9% of all sites. This equates to a market share of 53.5%. This means that 11.6% of websites don’t use encryption at all.
There’s more, too:
17.9% of the sites in the survey had invalid domains. 1.6% of the websites in the survey had expired certificates, 0.2% of the sites had certificates issued by unrecognized authorities, and 0.1% of the sites had self-signed certificates. (Source: w3techs)
#16. 91% of chief information officers have complete visibility of TLS certificates in their infrastructure.
Usage stats for the TLS version reveal that complicated IT infrastructures frequently have over 10,000 certificates. However, 79% of chief information officers know some of the number of keys they possess.
Furthermore, 9 out of 10 chief information officers can see all certificates in the infrastructure that are completely visible. However, other research suggests that respondents may have overestimated their knowledge of certificate usage.
#17. Less expensive SSL options range in price from $50 to $200 annually.
Most website owners search for the most economical SSL packages, just like in any other area of life. The most recent SSL people purchasing statistics show that GoDaddy and Comodo offer very reasonable prices, making them appealing choices.
Undoubtedly, the most well-liked packages are offered for free, which is why Let’s Encrypt has such immense popularity. Paid plans frequently provide better security and more sophisticated cryptographic keys.
SSL Implementation
The numbers for 2022 have not yet been released, but the predictions for a safer net were quite encouraging. We are not likely to reach the fully encrypted web promised land even in 2022; we will get quite close. Let us look at what the figures suggest.
#18. In India, 97% of the traffic going to Google is encrypted.
India is in first place with Japan and the United Kingdom. The next set of nations includes Brazil, Mexico, and Indonesia, where 95% of all traffic going to Google is encrypted. France is the following country with 92% and the United States and Russia, where 91% of all traffic going to Google is encrypted. (Source: Google’s Transparency Report)
#19. In 2023, over 90% of web pages accessed via the Chrome browser in the United States were served using HTTPS, indicating a high level of secure web browsing.
It was just 45% of pages four years ago. All countries in the report are seeing this rising trend. Germany comes in second place with 89% of pages loaded via HTTPS, an increase of 35% from 4 years ago. France comes next with 88% of pages loaded via HTTPS, followed by Mexico and Russia with 82%.
The same trend is evident in HTTPS usage statistics for other browsers. Around 78% of all pages in Firefox are accessible via HTTPS. (Source: Google’s Transparency Report)
#20. More than 90% of the world’s HTTP traffic was anticipated to be secured over TLS/SSL in 2023.
According to more and more SSL statistics, we are closer to an encrypted 100% web. Hugely popular browsers like Chrome and Firefox are working hard to get us there as soon as possible. However, Divergent UI policies could delay the entire process and cause users to suffer in the interim.
(Source: CA Security Council)
How Important Is Encryption?
Encrypted browsing sessions will be essential in 2021 and beyond because encryption locks your data and prevents the information from being stolen. Here are the statistics on SSL and encryption in the modern web industry.
#21. Since 2014, Google has been using HTTPS as a ranking factor.
To optimize a website and improve its ranking, you should use encryption. Although this initially had little impact on your overall score, Google has made significant improvements in recent years.
The search engine behemoth is highlighting the significance of safe connections with its open call for fully encrypted websites. Because of this, SSL certificates are now required for all website owners who depend on Google for traffic. (Source: GoogleBlog)
#22. 56% of businesses completely encrypted their internet traffic in 2020.
Over half of businesses and companies worldwide fully encrypted their online communications in 2020. The same study also found that 27% of businesses only partially encrypted their online communication.
#23. In 2019, 1 out of 10 URLs was still malicious.
This statistic was presented in Symantec’s 2019 Internet Security Threat Report. Another interesting finding in the report is the high number of detected formsjackings. This happens when hackers load malicious code onto shopping cart websites in order to steal customers’ credit card details.
What is the result?
Every year, on average, more than 48,000 different websites are compromised. (Source: Symantec)
#24. 85% of online customers avoid unsafe websites.
Online customers are becoming more selective—for a good reason—given all the fuss about data security.
Additionally, browsers are always looking for ways to make website security information visible to end users. The padlock in front of the URL, which denotes that the website is safe and any information sent through it will be encrypted, is something we’ve all observed. Websites with an EV SSL Certificate can also use the Green Address Bar function. (Source: GlobalSign)
Conclusion
SSL/TLS encryption is now considered standard. Users want reassurance that any information they disclose online is safe, and developers are ready to give it to them.
You have no excuse for not encrypting your website, considering the ease with which free SSL certificates are accessible.
These SSL statistics show that website security is a critical issue that should not be taken lightly. Website owners and administrators should take the necessary steps to secure their websites with SSL certificates to protect their users’ data. Visitors to websites should also take precautions to protect themselves by verifying that the website is secure before entering any personal information.
A fully encrypted internet may soon become a reality thanks to the combined efforts of the tech giants and the best certificate issuers.
FAQ.
A technique that offers encryption and authentication for secure browsing is called Secure Socket Layer or SSL. As a result, SSL acts as a sentinel and protects your private information by preventing communication with unauthorized websites and servers.
SSL wouldn't have spread as fast without certificate authorities' free packages. Free encryption may not provide the full spectrum of security benefits, but it can encrypt sessions and improve your site's SERP ranking.
On the other hand, Paid SSL certificates can offer superior security in an unreadable format. Prices differ from one certificate authority to another certificate authority, but the most popular packages cost between $50 and $200 annually.
You can identify a website using HTTPS technology by the small green lock in the left corner of your browser, which you can find on the majority of modern sites. However, HTTPS is only one piece of the cybersecurity jigsaw puzzle. It does not guarantee that you have landed on a secure page.
However, the absence of the HTTPS protocol is a major red flag, and the majority of browsers will alert users when they attempt to visit such sites. Therefore, even if HTTPS sites may not always be safe, those lacking the green lock are unquestionably insecure.
Most websites use Secure Socket Layer technology; however, not all show the green padlock in the address bar. According to the most recent reports, approximately 95% of the sites run the HTTPS protocol. However, more than half use the advanced HTTPS/2 version.
More than 90% of online traffic is encrypted in the majority of nations, and many companies use SSL certificates. Although the exact number fluctuates depending on the platform, HTTPS and SSL are dominating the web.
Google's HTTPS policies are transparent, and this IT giant strives to make the virtual world as safe as possible. This is why Google Chrome users spend 99% of their browsing time on HTTPS sites. The scenario is the same whether you browse on a desktop or a mobile device.
Furthermore, specialists agree that the growth trend will continue for many years, leading to complete web coverage.
For example, SSL statistics and Google's reports indicate that in 2021, more than 95% of indexed sites will be using Hypertext Transfer Protocol.
Hopefully, you have liked these impressive SSL statistics!
Barry is a lover of everything technology. Figuring out how the software works and creating content to shed more light on the value it offers users is his favorite pastime. When not evaluating apps or programs, he's busy trying out new healthy recipes, doing yoga, meditating, or taking nature walks with his little one.
