Understanding the prevalence of web traffic interception

A study published at NDSS 2017 found that between 4% and 10% of web's encrypted traffic (HTTPS) is intercepted, posing serious security risks as they weaken the encryption used to secure communications. Interception products often impersonate websites without users' knowledge by adding their own "root" certificate to the computer trust store. The study also revealed that while not always malicious, web traffic is primarily intercepted for two reasons: improving security and performing malicious activities. Furthermore, HTTPS implementations used for interception do not have the same automatic update mechanisms as browsers, making fixes less likely to be rolled out.