When browsing the web, students often notice a small lock icon or the letters HTTP or HTTPS in the address bar. In IB Computer Science, this difference is not cosmetic — it represents a fundamental difference in how data is protected during transmission.
IB examiners expect students to clearly explain what HTTP and HTTPS are, how they differ, and why HTTPS is more secure. Vague references to “encryption” without explanation often lose marks.
What Is HTTP?
HyperText Transfer Protocol (HTTP) is the protocol used to:
- Request web pages from servers
- Transfer data between browsers and web servers
Key characteristics of HTTP:
- Operates at the Application layer
- Uses TCP for reliable data transfer
- Sends data in plain text
Because data is sent unencrypted, anyone intercepting the communication can potentially:
- Read the data
- Modify the data
- Steal sensitive information
This makes HTTP unsuitable for transmitting confidential data.
What Is HTTPS?
HTTPS stands for HyperText Transfer Protocol Secure.
It performs the same basic function as HTTP but adds an extra layer of security.
Key characteristics of HTTPS:
- Encrypts data before transmission
- Uses cryptographic protocols
- Protects data from interception
HTTPS ensures that even if data is intercepted, it cannot be understood without the correct decryption keys.
How HTTPS Provides Security
HTTPS secures communication using:
- Encryption
- Authentication
- Data integrity
When a secure connection is established:
- The browser verifies the server’s identity
- Encryption keys are agreed upon
- All data sent is encrypted
This process prevents attackers from reading or altering the data.
IB students are not expected to memorise encryption algorithms, but they must understand the purpose and effect of encryption.
Why HTTPS Is Important
HTTPS is essential for:
- Online banking
- Login systems
- E-commerce
- Any site handling personal data
Without HTTPS:
- Passwords could be stolen
- Payment details could be intercepted
- Data could be altered in transit
This is why modern browsers warn users when a site is not secure.
Comparing HTTP and HTTPS Clearly
Strong IB answers compare protocols directly:
- HTTP
- No encryption
- Data sent in plain text
- Vulnerable to interception
- HTTPS
- Encrypted communication
- Secure data transfer
- Protects confidentiality and integrity
Using comparison language earns higher marks.
HTTPS and Performance
A common misconception is that HTTPS is “too slow”.
In reality:
- Modern encryption is highly efficient
- Performance impact is minimal
- Security benefits far outweigh any cost
IB examiners reward students who recognise this trade-off.
Common Student Mistakes
Students often:
- Say HTTPS is a completely different protocol
- Forget that both use HTTP concepts
- Ignore authentication
- Describe security without explaining how it works
Clear cause-and-effect explanations are essential.
How This Topic Appears in IB Exams
IB questions may ask students to:
- Explain the difference between HTTP and HTTPS
- Justify why HTTPS should be used
- Identify security risks of HTTP
- Apply knowledge to real-world scenarios
Structured explanations score highest.
Final Thoughts
HTTP and HTTPS both enable web communication, but HTTPS adds critical security features that protect users and data. By encrypting communication and verifying server identity, HTTPS prevents interception and tampering.
Understanding this difference allows IB Computer Science students to explain modern web security clearly and accurately — exactly what examiners expect.
