WSHttpBinding messaging is based on SOAP 1.2 and WS-Addressing Specifications while BasicHttpBinding messaging is based on SOAP 1.1 specifications. Implementing the WS-Addressing specifications enables more features in this binding like asynchronous messaging, message correlation, and transport-neutral addressing mechanisms which for sure adds some processing overhead.

BasicHttpBinding provides fewer security options which are Message security, User name token,  Kerberos and X509 tokens. WSHttpBinding provides more in addition to the list above which are WS-Trust and WS Secure conversation.

BasicHttpBinding doesn't supported reliable messaging. In other words, if a client fires two or three calls you really do not know if they will return back in the same order. In the other hand, WSHttpBinding  supports WS-* specifications.

By default,in BasicHttpBinding there is no security provided for messages when the client calls happen. In other words, data is sent as plain text. As WSHttpBinding supports WS-*, it has WS-Security enabled by default. So the data is not sent in plain text.

BasicHttpBinding supports the following security options:

• None
• Windows – default authentication
• Basic
• Certificate

WSHttpBinding supports the following security options

• None
• Transport
• Message
• Transport with message credentials