Up until about a year ago, having a secure socket layer, or what’s commonly referred to as an SSL certificate, was only considered essential for websites set up for taking highly sensitive and personal information like credit cards. If you had a website with a retail component, it was critical that you carried extra security on your site.
In 2018, Google changed this by announcing that any website without an SSL certificate would, essentially, be penalized. Anyone who visits a website without the certificate would get a “not secure” message before the site opens and in the URL. The warning would likely make people leave the unsecure site and instead visit sites that are secure. Thus, making the unsecured site lose traffic which in turn would affect its ranking on the search engine.