When to choose online encryption?

Published: 15 November 2017

You can make conscious decisions to protect your sensitive data online. Financial transactions should only be conducted on websites starting with https and only such sites should be trusted with your personal information. If you sacrifice a fraction of your convenience, you can have completely encrypted correspondence and conversations, now even in the applications you usually use. It is worth a try!

You rightfully expect operators to have robust technological infrastructure to protect the sensitive data you trust them with on the internet, mobile networks, wireless networks or, for example, when you use an automated teller machine (ATM). You may also assume that others cannot read what you share by email and instant messaging.

The number of offences committed over the internet is also constantly on the rise as neither legislation nor user culture can keep up with the slew of new services.

And criminals are not the only ones who may exploit your data. In 2013, Edward Snowden demonstrated with the documents he released that in its efforts to combat terrorism, United States intelligence developed a practice through which it gained a previously unthought-of level of access to information in communications over the internet and mobile networks and top US operators cooperate with intelligence services in certain initiatives. This means that they share the information collected by monitoring the online conduct of their customer on a large scale with such services.

Since these operators have a global customer base, these years saw, irrespective of these leaks, a lively dialogue develop among the European public on the relationship between security and the inviolability of privacy and technological possibilities of encrypting online communication also came into focus.

All relevant encryption solutions are based on the principle of using an algorithm (encryption method) to transform information (open text) into text that cannot be deciphered by those who do not have the specific knowledge (key) to decipher it. Various technologies are available for this purpose and they can be seen in the following situations.

For secure operations: https://!

Internet information transmission is defined by the HTTP (HyperText Transfer Protocol) technical standard. This fundamental protocol has a particularly secure version supplemented by an encryption/authentication layer, called HTTPS.

You can see “https” in the address bar of websites, preceded by an icon showing a closed green lock and the text “Secure”. In such cases, you can be sure that the server hosting the site has already passed an authentication process, i.e. it obtained a public key certificate demonstrating that a certifying authority has attested to the fact that the owner of the server is who they claim to be. On websites starting with https, you can assume that you provide your data on an encrypted, protected platform that efficiently safeguards them against data theft and interception. Sensitive operations such as online banking and the provision of personal information should only be carried out on websites having an https address. Now web browsers even advise if a website gathers information without the HTTPS protocol: such websites show an error message or are indicated as “not secure”.

However, you cannot afford to let your guard down, not even sites whose address starts with https. It is important to check the address in the address bar as the public key certificate actually only shows that the address belongs to the owner, but this can be used for deceptive purposes. So, for example, https://www.paypal.com is a popular online payment service provider, while https://www.paypal.notification.yaraneaftab.ir is a fake website mimicking PayPal’s appearance that has a valid certificate.

Stronger end-to*end encryption in email and chat

Correspondence and chatting are both online activities whose content you want to keep private and there are an increasing number of options available that enable you to do so. To achieve comprehensive protection, end-to-end encryption is required, ensuring that nobody else, not even the operator, has access to the content besides the two parties to the communication. Used by most Hungarians, Gmail, for example, protects personal content included in emails externally, meanwhile the company’s own artificial intelligence analyses your correspondence so as to display targeted advertisements.

In contrast, encrypted mail systems available on the market are completely ad-free, and not even the operators themselves are able to access, read or share the content of your correspondence with others. If you choose an encrypted solution, you have to give up a portion of the convenience of correspondence as login requires multiple passwords and the rules applicable to your contacts who also use encrypted services are different to the rules covering those who do not.

An important development is that Gmail can be made encrypted using a supplementary application.

By now, with the exception of Skype, the end-to-end encryption option has been added to all the most popular chat applications: it is the default setting in WhatsApp and Viber, and can be selected for certain conversations in Facebook Messenger. Limitations apply here as well: it may only be used on mobile devices, on one device at a time and only if encryption is enabled for both parties.

***

According to a spring status report, half of the global internet traffic is encrypted:

Based on the data on issued SSL certificates, 12% of websites in Hungary use the secure protocol:

This article provides an in-depth explanation about end-to-end encryption and presents an encrypted email service provider: