HTTP vs HTTPS (What's the difference?)

Follow

HTTP (HyperText Transfer Protocol) was originally introduced in order for network administrators to share information between websites and browsers. However due to the lack of security, over time the connection between HTTP Protocols became easy to understand and intercept (or get hacked).

That's when it was decided to introduce HTTPS (HyperText Transfer Protocol Secure)

 

HTTPS relies on one of two methods to encrypt and translate information between sites; 

Secure Sockets Layer (SSL) or Transport Layer Security (TLS)

These work in the same way by using what is called a Public Key Infrastructure (PKI). Essentially the system uses two "keys" to encrypt information, a public key and a private key

If something is encrypted with a private key, it can only be unlocked with a public key and vice versa.

 

See image below - courtesy of instantssl.com

                      Screen_Shot_2017-06-08_at_09.07.26.png

 

So what's the benefit?

Anything sent over HTTP is sent in 'plain text', meaning it can be intercepted and easily hacked. This poses danger if the information being communicated is highly sensitive i.e credit card information. 

The purpose of HTTPS is to encrypt this data, making it impossible for anyone to hack the information even if they were to intercept the connection. Meaning the data and information sent will stay safe. 

 

There has been a push for as many websites as possible to be switched from HTTP to HTTPS to maintain security across the web, and prevent as many cases of hacking and fraudulent behaviour as possible. Businesses and consumers are becoming more savvy to the benefits to HTTPS as they go about activity online, meaning if you're not switched over yet you should look at doing so sooner rather than later! 

 

 

 

 

 

 

 

 

 

 

Have more questions? Submit a request

Comments