What is the HTTPS security protocol
Google Chrome, Mozilla Firefox and other browsers indicate i Web sites in which the navigation is safety because it is protected by https protocol. Let's see what it means https, what difference is there from the previous one http protocol and what the symbols next to the various links mean.
At the end of January Google released the new version 56 of his Chrome browser which, in addition to having made some improvements to the previous performances making them more efficient, such as a faster re-loading of web pages, now marks the Internet sites where you can navigate safely as protected by https security protocol.
When browsing the Internet, the web addresses to which you connect are preceded by the writing HTTP or HTTPS. Let's see what these writings mean.
- HTTP: the connection is not encrypted and therefore is open between the user who browses and the server on which the website is based. This means that the connection could be intercepted by malicious people listening passively on the internet.
- HTTPS: the connection is encrypted, protected and secure, this means that no one will be able to spy on your online activities, because the transmitted data is unreadable without the decryption key.
That said, Those who, while browsing, should come across an http site are advised not to enter their access data and even less the data of their credit card.
For this reason more and more Web sites, mostly e-commerce, but also blog, are adapting to the HTTPS protocol to ensure a safer browsing experience for its users.
What are the reasons for the new HTTPS protocol?
Until last year, browsers, or the programs that you use every day to surf the internet, did not highlight the differences in terms of security between a site in http and one in https.
Now that the number of people connected, compared to a few years ago, has grown exponentially and the percentage of web users who do online shopping, there is a need to give greater guarantees on the security side to protect the data that users exchange on a daily basis Web sites.
Check if the connection of a site is secure: The symbols on the browsers
Now let's see what are the symbols that the browser shows to tell us the security level of a website and how they should be read.
- Green padlock symbol: means that the site has a security certificate and that the information sent to it remains private.
- White circle symbol with an “i” in the center: means that the site does not use a private connection and, therefore, the information sent could be captured by others. If this symbol precedes the address of a e-commerce website, remember not to enter important data such as credit card data or sensitive data such as passwords.
- Red triangle symbol with exclamation mark in the middle: i Web sites so marked are not secure and have problems with the privacy of the connection.
The information sent through these sites could be intercepted, so the advice is to leave the page of these sites.
Furthermore, by clicking on the icons, you can view the permissions and get more information about the site.
Out of the box
In most cases, sites with protocol https they are identified with the green padlock symbol. However, it could happen that you enter an https site marked by the circle symbol with the central “i”. This means that the web page contains content from domains whose address is not secure, such as advertising banners or videos.
Different precautions are provided for web pages considered dangerous, whose navigation is marked by the Chrome browser with a full page red screen. Navigation is not blocked but it is strongly discouraged. In short, at your own risk!
Finally, you may encounter the error message "the connection is not private" (or "this connection is not secure"). It means that the internet connection or the computer does not allow you to open the page safely in Chrome or on the other browsers.
Is migration to HTTPS required for all sites?
Not all Web sites they need to migrate to HTTPS, but, there are some cases, listed below, where the migration to the https protocol is strongly recommended:
- The website processes sensitive information;
- The site asks the user to authenticate in order to continue browsing;
- The portal gives the possibility to make payments;
- The data transmitted is critical.
In all these cases where conditions such as privacy, authentication security and data integrity are fundamental guarantees due to the user, migration to the HTTPS security protocol becomes mandatory.