Do you know what the padlock symbol in your internet browser’s address bar means? If not, you’re not alone. New research by my colleagues and I shows that only 5% of UK adults understand the padlock’s significance. This is a threat to our online safety.
The padlock symbol on a web browser simply means that the data being sent between the web server and the user’s computer is encrypted and cannot be read by others. But when we asked people what they thought it meant, we received an array of incorrect answers.
In our study, we asked a cross section of 528 web users, aged between 18 and 86 years of age, a number of questions about the internet. Some 53% of them held a bachelor’s degree or above and 22% had a college certificate, while the remainder had no further education.
One of our questions was: “On the Google Chrome browser bar, do you know what the padlock icon represents/means?”
Of the 463 who responded, 63% stated they knew, or thought they knew, what the padlock symbol on their web browser meant, but only 7% gave the correct meaning. Respondents gave us a range of incorrect interpretations, believing among other things that the padlock signified a secure web page or that the website is safe and doesn’t contain any viruses or suspicious links. Others believed the symbol means a website is “trustworthy”, is not harmful, or is a “genuine” website.
Not understanding symbols like the padlock icon, can pose problems to internet users. These include increased security risks and simply hindering effective use of the technology.
Our findings corroborate research by Google itself, who in September, replaced the padlock icon with a neutral symbol described as a “tune icon”. In doing so, Google hopes to eradicate the misunderstandings that the padlock icon has afforded.
However, Google’s update now raises the question as to whether other web browser companies will join forces to ensure their designs are uniform and intuitive across all platforms.
Web browser evolution
Without a doubt, the browser, which is our point of entry to the world wide web, comes with a lot of responsibility on the part of web companies. It’s how we now visit web pages, so the browser has become an integral part of our daily lives.
It’s intriguing to look back and trace the evolution of the web’s design from the early 1990s to where we are today. Creating software that people wanted to use and found effective was at the heart of this evolution. The creation of functioning, satisfying, and most importantly, consistently designed user interfaces was an important goal in the 1990s. In fact, there was a drive in those early days to create web interface designs that were so consistent and intuitive that users would not need to think too much about how they work.
Nowadays, it’s a different story because the challenge is centred on helping people to think before they interact online. In light of this, it seems bizarre that the design of the web browser in 2023 still affords uncertainty through its design. Worse still, that it is inconsistently presented across its different providers.
It could be argued that this stems from the browser wars of the mid-1990s. That’s when the likes of Microsoft and former software company, Netscape, tried to outdo each other with faster, better and more unique products. The race to be distinct meant there was inconsistency between products.
Internet safety
However, introducing distinct browser designs can lead to user confusion, misunderstanding and a false sense of security, especially when it is now widely known that such inconsistency can breed confusion, and from that, frustration and lack of use.
As an expert in human-computer interaction, it is alarming to me that some browser companies continue to disregard established guidelines for usability. In a world where web browsers open the doors to potentially greater societal risks than the offline world, it is crucial to establish a consistent approach for addressing these dangers.
As a minimum, we need web browser companies to join forces in a concerted effort to shield users, or at the very least, heighten their awareness regarding potential online risks. This should include formulating one unified design across the board that affords an enriched and safe user experience.
- is a Reader in Human Computer Interaction, Cardiff Metropolitan University
- This article first appeared in The Conversation