30 January 2017

What is SSL and How HTTPS is more secure than HTTP?

Leave a Comment
Internet is now smart enough to deal with attackers who try to steal user's information. Although hundreds of websites are hacked daily but that's all up to their own security level. Imagine why big giant websites like Facebook and Google are still safe? Simple, because they adopt latest technology to secure their data.

SSL connection, HTTPS and HTTP

While surfing Internet you might have come across various new terms like SSL, TLS, HTTP, HTTPS etc,. So what does they mean, how they work and how they are related to the Internet's security. Another popular question which most people ask is how https enabled websites are more secure than http. Here I will answer all these questions briefly. Let's first have a look at SSL connection.

What is SSL connection and SSL certificate?

SSL stands for Secure Sockets Layer. As name itself suggests, it's an extra security layer which keeps all your data private and safe. Normally when you enter confidential information like your username, password or credit card number, data is transmitted in a plain text which is very easy to hack.

To fill this vulnerability, SSL was introduced which encrypts your data before transmission. It creates a secure connection between a client (or browser) and a server. Even if someone will gain access to the encrypted data, he can't be able to decrypt it and thus your information is safe.

All websites using SSL connection are issued a SSL certificate which contains a public and a private key. It also contains information of the certificate and website owner. When browser attempt to access a website which is secured by SSL, first it verify the authenticity of the SSL certificate. It only accept trusted certificate issuers (called CA or Certificate Authority) like DigiCert.

Once after checking the SSL certificate, data is encrypted by the browser using the server's public key and then server decrypts it using its private key. In this way a secure connection is established between the web server (website) and your browser.

How HTTPS is more secure than HTTP?

You might have seen many websites starting with HTTPS instead of HTTP. So what is the main difference between them. HTTP stands for HyperText Transfer Protocol whereas HTTPS is short for HyperText Transfer Protocol Secure.

As name suggests, HTTPS is the advanced version of HTTP which is more secure. Instead of sending data in a plain text, HTTPS websites uses SSL connection to encrypt your data and thus adds an extra security layer. It helps you to keep your confidential information safe.

You will find a small green color lock icon in the URL tab of HTTPS enabled websites like Google, Facebook, Twitter and bank sites. This green color lock icon means your connection is encrypted and you're connected with a safe websites. By clicking on this lock icon, you can get more details about the SSL certificate and its Certificate Authority (CA).

So this is all what you need to know about SSL connection and HTTPS enabled websites. If you have any doubts in your mind, feel free to share them in the comments below.

Leave A Comment