The difference between HTTP and HTTPS-Truth!

The Difference Between HTTP and HTTPS-Truth!

Summary of eRumor:

A forwarded email that urges you to pay attention to whether a web address you are using to give confidential information starts with “HTTP” or “HTTPS.”  It says that “HTTPS” is the more secure of the two.

The Truth:

The eRumor is true. 

Most web addresses begin with “HTTP,” which is an acronym for “Hyper Text Transfer Protocol.”  It’s the protocol used to allow you to communicate with web sites.

“HTTPS” stands for “Hyper Text Transfer Protocol Secure.”  It means that information exchanged between you and a web site is encrypted and cannot be hijacked by someone who might want to electronically eavesdrop when you type a credit card number, a password, a social security number, or any other person information.

The purpose of the email is to encourage you to check for the “HTTPS” before you give financial information.  Most web sites are not HTTPS, but when you click a link to make a purchase, many of them will direct you to an HTTPS site.

According to, a provider of Internet infrastructure services, Secure Socket Layer Encryption is a technology that protects Web sites and makes it easy to develop trust by means of an “SSL Certificate that enables encryption of sensitive information during online transactions.  Each SSL Certificate contains unique, authenticated information about the certificate owner and a Certificate Authority verifies the identity of the certificate owner when it is issued. “

Just because a website uses such SSL encryption does not safeguard internet users from phishing and other schemes.  When visiting websites that accept financial information online it is always a wise practice to make sure the online company is legitimate, has a good reputation in customer service and uses SSL encryption in their transactions. 

updated 02/03/09