The business is not the user for SSL. It's the human logging into the website. Maybe Bank of America will care if the padlock in the URL bar is gone, but John Doe couldn't care less and probably has never noticed the green padlock and word secure in the URL bar ever.
