HTTP is a transport protocol that transmits unencrypted data in plaintext. This makes private information, such as passwords, account numbers, and transaction records, vulnerable to being leaked, stolen, or modified by attackers. Therefore, sending private information over HTTP is unsafe.
HTTPS is an encrypted transport protocol based on the Secure Sockets Layer (SSL) protocol. After an SSL Certificate is installed on a website, an SSL-encrypted channel is established between the client browser and the web server for HTTPS access. This channel provides strong bidirectional encryption to prevent data from being leaked or modified during transmission. In simple terms, HTTPS is the secure version of HTTP, where HTTPS = HTTP + SSL.