For most people, HTTP is the part of the internet address we ignore. It’s a meaningless jumble of letters before the good old ‘www’. But in actuality, this section of the webpage URL has profound importance on the security of your online communications.
HTTP stands for ‘Hyper Text Transfer Protocol’, and it’s the protocol which for years has managed how your web browser connects with your favorite website. However, HTTP allows for communication over insecure connections. This means that your online communications, such as browsing habits, online purchases, payment information, chats, emails, and more are susceptible to being intercepted and read by online criminals.
Fortunately, a newer protocol - HTTPS (Hyper Text Transfer Protocol Secure) - has been developed to enforce online communication via encrypted connections only. This adds a major improvement in the security of your internet use; even if your communications are intercepted they cannot be read by outside actors. HTTPS achieves this security via one of two encryption protocols: SSL or TLS, with SSL being the more common.
Online companies like Google are strongly pushing for increased adoption of the new HTTPS protocol. In fact, Google announced that, starting in July 2018, the Chrome browser will begin flagging all sites using the old HTTP protocol as ‘not secure’, increasing pressure on sites that have not yet migrated to the new standard and informing users that their online activity on these sites may not be private.
All in all, the new protocol is already heavily used across the internet, without impacting the end user. In some cases sites may need to be adapted to use HTTPS, and there are several tools available to make the switch.
For Google’s explanation of HTTPS and efforts to create a more secure internet, check out their blog post on the subject here. For a more thorough and technical review on the benefits of HTTPS over the old HTTP, InstantSSL has a great primer.