Protecting our communication online has never been more vital in this day of technology. Each time you log onto a website, send an email, make an online purchase, etc., you are sending sensitive information via the internet (e.g. passwords, credit card info, etc.). If your online communications are not protected properly, hackers and other unauthorized individuals may intercept your communications.
Encryption prevents this type of interception by encrypting your online communications to prevent unauthorized parties from reading them. On the internet, encryption is typically used with the help of technology’s, such as SSL, TLS and HTTPS, to protect all communications sent over the web and to protect your privacy.
What Is Encryption?
Encryption converts information into an unreadable (coded) format, which keeps out those with no decryption key. When encryption occurs, the sender uses a mathematical algorithm to convert the information into a format that cannot be understood by any party that does not have the correct decryption key.
Encryption is a critical element in protecting your online privacy. Emails, logins, passwords, bank account numbers, credit card information, and all forms of confidential information are protected from being captured and viewed during the transmission of the information.
Encryption also maintains the integrity of the data by ensuring that what is received is identical to what was originally sent and has not been modified or altered during transmission.
Understanding SSL (Secure Sockets Layer)
SSL (Secure Sockets Layer) is an early encryption protocol used to provide secure connections between web servers and browsers. SSL was developed in the 1990’s for protecting sensitive on-line information.
SSL works by encrypting communications between the user’s browser and the web server so that an attacker cannot read the communications if the attacker intercepts them. In addition to providing encryption for communications, SSL verifies the identity of the Web Server, this helps assure the user that he or she is communicating with a legitimate service versus a service created to deceive the user.
SSL was widely used until recently when it was eventually replaced by its much more secure successor, TLS.
Understanding TLS (Transport Layer Security)
The modern version of the encryption protocol used to protect data when transmitted over the internet, Transport Layer Security (TLS), evolved out of SSL (Secure Sockets Layer). Although it also encrypts data as it is being transmitted (similar to how SSL does), TLS has stronger encryption protocols than SSL; and, since SSL has some security issues, TLS solves those too.
Just like with SSL, when you access a site using TLS, your data is encrypted while it is being sent; and, when you send data to the server, your computer verifies the identity of the server. Today, TLS is the de facto standard for encrypting online communication; therefore, almost all modern sites, email servers, and message systems use TLS.
What Is HTTPS?
Hypertext Transfer Protocol Secure (HTTPS) is the combination of the Hypertext Transfer Protocol (HTTP) and encryption by use of Transport Layer Security (TLS). In essence, HTTPS is the secure version of HTTP which is the protocol for loading websites.
When a user accesses a website that begins with “https://” , it signifies that both the user’s browser and the remote webserver are utilizing TLS to encrypt the communication. The TLS encryption protects the transmission of all data submitted to the site (e.g. login credentials, credit card numbers, etc.) from being intercepted and/or tampered with during transmission.
In addition to the secure connection, Web Browsers will typically display some type of visual indication that a site is utilizing HTTPS (e.g. a padlock icon), in order to assist the user in identifying those sites that provide a secure connection, and to prevent the user from accessing a site via an insecure connection.
Why Encryption Matters
Encryption provides security for personal data (including your identity) to prevent fraud/identity theft while enabling you to perform financial transactions online safely. If you do not encrypt your data it can be captured by a hacker, cyber criminal or even someone who is simply a person browsing a free public Wi-Fi network.
The main advantages of using SSL, TLS, and HTTPS include:
- Data Privacy: Your encrypted data will be unreadable to anyone who intercepts it.
- Data Integrity: Guarantees that your message/data is in its original form upon arrival at its destination.
- Authentication: Confirms that the site you are visiting is authentic and valid.
- User Trust: When users see a lock next to an address bar they know their transaction is being performed securely.
Everyday Examples of Encryption
Encryption has become a regular occurrence in our daily internet activities:
- Online Banking: Encrypts the log-in and account details (transaction) for your protection.
- Email Services: Uses encryption to protect the message or emails being transmitted between servers.
- E-commerce Sites: Use encryption to protect your credit card information when checking out.
- Messaging Apps: Most messaging apps encrypt end-to-end so that you can have private conversations with people.
Temporary email services like Evap Mail also provide encryption to ensure that all emails you receive are transmitted securely, therefore providing you with the ability to keep the content of those emails private and secure from interception.
How Users Can Stay Secure
Although many websites use TLS by default, there are also some practical things that users may do to make sure they are communicating securely while online:
Look for “https://” and the lock icon (padlock) in your browser before entering sensitive information into a website.
Do not enter any personally identifiable information into websites that are not secure.
Always update your web browser and other devices to have the latest encryption standards supported.
When using public Wi-Fi, be very careful as you would with any unsecured connection; if possible, always use a Virtual Private Network (VPN).
Final Thoughts
Encryption plays a major role in protecting users’ privacy when accessing the internet. SSL, TLS and HTTPS technologies have been developed to keep hackers from intercepting your data by encrypting it, verifying the identity of websites you visit and providing assurance for you that you are visiting the correct website.
As a result, understanding how this process works, identifying secure connection types, and being cautious when browsing the web will assist most individuals in protecting their own private information and maintaining their right to privacy while surfing the internet.