Monday, February 16, 2009

The Difference Between HTTP and HTTPS-Truth!


**The main difference between http:// and https:// is It's all about keeping you secure**

HTTP stands for HyperText Transport Protocol, which is just a fancy way of saying it's a protocol (a language, in a manner of speaking) for information to be passed back and forth between web servers and
The important thing is the letter S which makes the difference between HTTP and HTTPS.

The S stands for "Secure".

If you visit a website or webpage, and look at the address in the web browser, it will likely begin with the following: http://.

This means that the website is talking to your browser using the regular 'unsecure' language. In other words, it is possible for someone to "eavesdrop" on your computer's conversation with the website. If you fill out a form on the website, someone might see the information you send to that site.

This is why you never ever enter your credit card number in an http website!

But if the web address begins with https://, that basically means your compu ter is talking to the website in a secure code that no one can eavesdrop on.

You understand why this is so important, right?

If a website ever asks you to enter your credit card information,
you should automatically look to see if the web address begins with
https://. If it doesn't, no way should you enter sensitive
information like a credit card number

Summary of the eRumor:
A forwarded email that urges you to pay attention to whether a web address you are using to give confidential information starts with "HTTP" or "HTTPS." It says that "HTTPS" is the more secure of the two.

The Truth:

The eRumor is true.

Most web addresses begin with "HTTP," which is an acronym for "Hyper Text Transfer Protocol." It's the protocol used to allow you to communicate with web sites.

"HTTPS" stands for "Hyper Text Transfer Protocol Secure." It means that information exchanged between you and a web site is encrypted and cannot be hijacked by someone who might want to electronically eavesdrop when you type a credit card number, a password, a social security number, or any other person information.

The purpose of the email is to encourage you to check for the "HTTPS" before you give financial information. Most web sites are not HTTPS, but when you click a link to make a purchase, many of them will direct you to an HTTPS site.

According to, a provider of Internet infrastructure services, Secure Socket Layer Encryption is a technology that protects Web sites and makes it easy to develop trust by means of an "SSL Certificate that enables encryption of sensitive information during online transactions. Each SSL Certificate contains unique, authenticated information about the certificate owner and a Certificate Authority verifies the identity of the certificate owner when it is issued. "

Just because a website uses such SSL encryption does not safeguard internet users from phishing and other schemes. When visiting websites that accept financial information online it is always a wise practice to make sure the online company is legitimate, has a good reputation in customer service and uses SSL encryption in their transactions.

No comments: