Ever typed in a website address and wondered why some start with “HTTP” and some with “HTTPS”? No, the “S” is not a typo!
But let’s start at the beginning…. HTTP stands for Hypertext Transfer Protocol and acts as a request and response protocol for sending and receiving information over the Internet or World Wide Web. All the information or data sent via HTTP is un-encrypted or in plain text. This means anyone who can intercept the data would be able to read it. Not a problem for simple browsing but think about all the things we do now on the Internet that we might not want other people to be able to see: banking, using your credit card to make a purchase, insurance claims, etc.
This is where the “S” comes in! HTTPS stands for Hypertext Transfer Protocol Secure and just like the name suggests, the “Secure” part provides protection for the Internet transactions that need it. Instead of plaintext, data sent between two computers (the “client” and “server”) is encrypted so that it can’t be read if intercepted.
So how do you know if your transaction is via HTTPS? Firstly, the URL or website address should start with “https:// “. Secondly, most browsers have some sort of indication that the data transaction happening is secure. Microsoft’s Internet Explorer displays a padlock in either the bottom or the top of the window (depending on the version). Mozilla Firefox’s current version of 4.0 and higher no longer shows a padlock. Instead, they use a “site secure” button to the immediate left of the website address that shows all the security information regarding that website.
There’s a lot more to secure web browsing than just what the “S” stands for (like certificates and man-in-the-middle attacks), but I’ll save that for another day. For today, just remember, the “S” is definitely not a typo.