Commentary: This email forward offers some timely advice that may help many Internet users avoid compromising their security online. The message outlines in plain English the difference between the http and https protocols. It explains why it is important to ensure that a web page is using the secure https protocol before providing financial information such as credit card numbers. ©iStockphoto/Alexey Khlobystov Http Protocol The information provided in the email is correct and well worth heeding. Hypertext Transfer Protocol (http) is a system that allows the transmitting and receiving of information across the Internet. Http allows information, such as the text you are reading right now, to be accessed from the server by your web browser. While http allows for the quick and easy transmission of information it is not secure and it is possible for a third party to "listen in" to the "conversation" between servers and clients. For many purposes, such as a website article that is open and available to everyone, this lack of security is of no importance. However, if a website is one that needs to collect private information such as credit card numbers, then a more secure protocol is an important prerequisite. For example, purchasing a product or service online or using Internet banking, it is vital that the exchange of information between clients and servers cannot be easily harvested by third parties. Thus, the https (secure http) protocol was developed to allow the authorisation of users and secure transactions. So, as the message states, if you are required to provide sensitive personal or financial information on a web page, always ensure that the web address starts with https not just http. Knowing the difference between http and https can certainly help web users keep their information secure. For example, if a webpage, such as an Internet banking login page, that should be secure, uses http rather than https in its address, it may well be a "look-a-like" phishing site designed to steal financial information. A genuine financial institution website would NEVER use the unsecure http protocol on any pages that requires customers to provide personal or financial information. Unfortunately however, even if a site address does display https, it might still be a bogus phishing web page. Internet criminals can sometimes use clever spoofing techniques to make a fake web page appear to be using the https protocol. Thus, other methods of avoiding phishing scams should also be used. Note: Most modern browsers also display a "lock" icon in the status bar or, possibly, in the address field, when a secure https website is being accessed. Generally, you can click on the lock icon to display more information about the secure website.
Posted on: Fri, 06 Sep 2013 11:56:29 +0000
Trending Topics
Recently Viewed Topics
© 2015