Key Difference: HTTP, an acronym for Hyper Text Transfer Protocol is a system that is used to transmit and receive information from a server. HTTPS is a secure transfer system that encrypts the data before the connection is formed for sending or retrieving the data from the server.

When accessing a webpage, the words HTTP or HTTPS can be found right before the URL begins. What does this mean and how does it work?

HTTP, an acronym for Hyper Text Transfer Protocol is a system that is used to transmit and receive information from a server. Let’s break it down. If one wants to access a webpage, all they have to do is input the URL into the address bar. The URL becomes the request that is sent by the client (the person who asked for the URL) to where the data for that webpage is stored. Once, the request is sent to the server (where the data is stored), the server responds to the request in two ways; it will either send the information or it will show an error if the request cannot be completed.

HTTP is responsible for the back and forth transmitting of data between the server and client. The first HTTP had only one method called as GET, which would request a page from server and the response was a HTML page. The latest version of HTTP defines nine request methods. However, the data that is sent across is not at all secure. This meant that the data was accessible by anyone on that network, making it useless for sending confidential information. To solve this shortcoming, Netscape Corporation developed the HTTP secure that allowed authorization and secured transactions. 

On many levels, it is similar to HTTP as it follows the same protocols. However, it adds an additional feature – encryption. The data sent to and from the server are encrypted by both the client and the server. Hence, the request as well as the data retrieved are both secured. When using an HTTPS connection, the server responds to the initial request by offering a list of encryption methods that are supported by it. In response, the client selects a connection method, and the client and server exchange certificates to authenticate their identities. After everything has been decided, the server can the client will exchange secure information. Once the exchange is done, the server will disconnect the connection.

HTTPS can most commonly be found in situations such as log-in pages for banking, forms, corporate log ons, and other applications in which data needs to be secure. While, HTTP is used for normal webpages that are on the public domain.

Comparison between HTTP and HTTPS:

Image Courtesy: wikipedia.org, hallaminternet.com