As of Feb. 27, encryption protected 77 percent of requests sent from computers around the world to Google's servers, up from 52 percent at the end of 2013, according to new figures.
Released Tuesday as part of Google's Transparency Report, the data covers most Google traffic, with the exception of YouTube. The Web giant said it's aiming to achieve 100 percent encryption across all its products and services.
Since March 2014, 100 percent of Gmail traffic has been protected with HTTPS, a mechanism that allows your browser or app to securely connect to a website. As Google explains in the report, HTTPS "relies on encryption—SSL or TLS—to secure the connection," and offers protection against "eavesdroppers, man-in-the-middle attacks, and hijackers who attempt to spoof a trusted website."
"We are working to implement HTTPS across all of our products," the company said. "We continue to work through the technical barriers that make it more difficult to support encryption on some of our products."
Breaking it down by product, 100 percent of Drive traffic and 83 percent of Maps traffic is currently encrypted with HTTPS, Google's graphs show. Encryption also varies by country, "due to a variety of factors, including the types of devices in use in that country, as well as the availability of software that can support modern TLS," Google said.
Mexico leads the pack, with encryption protecting 86 percent of its traffic to Google; followed by Brazil at 84 percent; and Japan, India, and the U.K. tying for third at 82 percent. The U.S. comes in ninth, with encryption protecting 72 percent of requests Google receives.
Recommended by Our Editors
Google also notes that the "vast majority" of unencrypted end user traffic comes from mobile devices, largely because some older devices cannot support modern encryption, standards, or protocols. "Unfortunately, these devices may no longer be updated and may never support encryption," Google wrote in the report.
Several other "technical and political challenges" are standing in the way of Google's goal to attain full traffic encryption, including countries that "block or otherwise degrade HTTPS traffic," and a lack of technical resources within some organizations to implement it.
Like What You're Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
Sign up for other newsletters
