Before we go for differences, keep in mind below two definitions.
Host Web: The SharePoint Site where App is deployed and hosted is called Host Web
App Web: The separate place other than Host Web where the resources/files (JavaScript, CSS, HTML files, etc...) are deployed is called App Web
| SharePoint Hosted App | Provider Hosted App |
| In case of SharePoint hosted App, components are deployed on a subsite of Host Web called App Web. | In case of Provider hosted app, components are deployed and hosted outside the SharePoint farm. |
| App components are hosted in isolated app domain of SharePoint farm | SharePoint App is installed in Host Web but their components are deployed and hosted on the server and that server should not be in SharePoint farm. |
| App gets authorized by signed in user’s rights. | App gets authorized by OAuth or cross-domain library to access SharePoint list, libraries and other components. |
| It supports programming in JavaScript and html. You cannot use server-side code | You can use any scripting language until and unless it is supported by your web server or hosting service |
| Relatively they are easier to create and deploy | Creation and deployment of Provider Hosted App is a bit complicated as compared to SharePoint Hosted App |