Tuesday, March 15, 2011

Maps APIs over SSL now available to all

As public WiFi becomes increasingly ubiquitous, we spend more and more of our time on shared networks. This can expose our personal data to third parties if the sites we access are not secure. Many sites use Google services to store and manage Google data. In response to this, Google is today announcing improved support for SSL (Secure Sockets Layer) across many APIs, and recommending that any application that manages user data switch to using SSL.

We want to ensure that applications using the Google Maps API are free to follow this recommendation. As such we are happy to offer free access to the Maps API v3, Static Maps API, and Maps API Web Services over HTTPS to all developers from today. To load the Maps API v3 over HTTPS, the API must be loaded from the hostname maps-api-ssl.google.com. For the Static Maps API and Web Services, please use maps.googleapis.com.

In addition to offering access over HTTPS, all of the Maps APIs (with the continuing exception of the Places API) will continue to be accessible over HTTP, and we recommend that sites that are using the API purely to display public data, such as store locations, continue to use HTTP for optimal performance.

Please also note that although SSL access is now available to all developers, the terms of the Maps API have not changed. If your site uses SSL because you charge for access to your application, or because your application is not publicly accessible to all users, you must still purchase a Maps API Premier license. For more information on Maps API Premier, please contact the Maps API Premier Sales team.

We hope this change assists in making your users feel safe and secure using your applications. If you have any questions or concerns about this change, please post to the Maps API v3, Static Maps API, or Web Services forum as appropriate for the service you are using.