Portfolio Project

Online security article for an ecommerce website

Online security – what does ‘https’ in a web address mean?


Cyber crime, as you know, is a major issue these days. Online fraud, identity theft, stealing from bank accounts – you hear about it every day.


Your passwords, credit card details and other information are very valuable to criminals, and they try hard to get them. One trick they use is to intercept information that you send to non-secure websites.


Those are websites that don’t use HTTPS to encrypt data.


What does HTTPS stand for?

HTTPS stands for Hypertext Transfer Protocol Secure.

It’s a secure version of HTTP (Hypertext Transfer Protocol), the standard set of rules for transferring information on the World Wide Web.

With HTTP, when information is exchanged between your web browser and a web page, it’s sent as plain text. This means that if anyone intercepts the communication, they can read the information being sent. This is particularly dangerous if you’re sending sensitive information like your credit card details.

HTTPS uses an extra layer of security such as SSL (Secure Sockets Layer) or TLS (Transport Layer Security) to encrypt the information. This makes it very difficult for a hacker to get anything useful from it.

Most reputable websites these days, including GizzmoHeaven, use HTTPS. Your browser will display a padlock icon when you’re connected to a secure HTTPS website.


How does HTTPS differ from HTTP?

HTTPS is a secure version of HTTP, to make sure no one can steal your information.

When you connect with a HTTPS site, your computer and the website agree on a code between them. They then use the code to scramble or encrypt the information they send, so that no one in between can understand it.

Without the code, the data will just be a string of meaningless characters that won’t be of any use to hackers.

HTTP doesn’t use encryption – it just sends data as plain text.

Besides encryption, HTTPS has other advantages over HTTP. It ensures data integrity, and it provides authentication. Data integrity means that data can’t be modified or corrupted during transfer without being detected. Authentication means that you’re on an authentic site, and not one set up by fraudsters.


What’s a Digital Certificate?

To have a secure HTTPS website – like GizzmoHeaven’s – the owner of the site must have a genuine Digital Certificate. It’s needed to encrypt data that’s transferred between the website and a browser.


The certificate (also called a public key certificate) is a bit like an electronic passport. It provides proof that the website really is what it says it is. It’s given to a company by an official Certificate Authority, once they’ve verified that the company actually owns the website.


A Digital Certificate – like HTTPS – is proof that the website you’re on is authentic.



Cyber crime is a major problem and is likely to stay that way. So it’s important to use good online security. Criminals are keen to get your personal information such as passwords and credit card details. One way they do this is to intercept information you send to non-secure websites – websites that use HTTP instead of HTTPS.


Reputable companies who ask you for sensitive information use HTTPS to encrypt it. That way, criminals can’t read it.


Here at GizzmoHeaven, we take security very seriously. We’ve a Digital Certificate and our website uses HTTPS. So when you’re on our site, you know it’s us – and you know your communications with us are secure.




© 2012–2020 by David Bain / Write On Target