  • Is it standard to use HTTPS when transmitting a user's personal information (address, phone, etc) even when there is no financial information involved?

    Yes, you absolutely should use TLS (HTTPS) when exchanging any personal or even semi-personal information. Personally, I'd go further and say I'd prioritize using TLS for some non-financial personal information over financial. In your specific example, the site should use TLS, even though it defers to PayPal for payment information.

    Indeed, you should use TLS even aside from the need to encrypt personal data: TLS isn't just to encrypt the contents of your communication, but to verify the identity of your communicator. See my answer to "How important is SSL?" Given this, nearly all websites should implement TLS.

