So I worked with one of a small financial institution in the past, and they used in one of the GET requests to fetch account details with account number as query parameter, and the account number was BASE64 encoded, and when I asked why, I was told for security reasons, which didn’t make any sense as BASE64 decoding algorithm is publicly available and can be easily retrieved back. They however used https though, but reasoning I got for security use of BASE64 didn’t make any sense. Did I miss anything to understand here?