|
Untitled Document
|
| |
Your security is
assured!
Credit card security is one of
our top priorities and that is why we guarantee 100%
secure ordering for all of our visitors. To protect you
and your credit card information, we use Secure Sockets
Layer (SSL) technology, which is the industry standard
and among the best software available today for secure
commerce transactions. A complete primer on SSL is
provided below for your convenience.
An SSL
Primer
To protect your information and the
integrity of ours, we use an industry-standard security
protocol called Secure Sockets Layer (SSL). Use of this
technology encrypts any and all sensitive information
communicated between you and our web site.
When
Netscape introduced SSL (secure-sockets layer) in 1995,
it paved the way for online information security. SSL is
essentially an encryption technology that scrambles a
message so that only the intended recipient can read it.
Web addresses that begin with "https://" are using SSL
to protect information (think of the "s" as meaning
"secure"). To anyone without the "key", any intercepted
information would only read as useless gibberish.
To get SSL working, you need a digital ID (also
known as an authentication certificate) from a trusted
third-party source. This certificate is like an online
passport or driver's license. It's essentially a form of
identification that confirms that you are who you say
you are, and that we are who we say we are.
Encryption is essentially a secret code that
prevents others from reading your messages. The elements
of an encryption system are the plaintext, the
cryptographic algorithm, the key, and the ciphertext.
The plaintext is the actual message or data that is to
be encrypted. The cryptographic algorithm is a
mathematical set of rules that defines how the plaintext
is to be combined with a key. The key is a string of
digits, and the ciphertext is the resulting encrypted
message.
These terms are probably best
illustrated with a very simple example. If you take the
phrase "Computer" and add 3 characters to each letter,
the phrase becomes "Frpxwhu".
In this
situation:
- "Computer" is the plaintext
-
"add 3 characters to each letter" is the cryptographic
algorithm
- "3" is the key
- "Frpxwhu" is the
ciphertext.
Here in detail are the steps taken
during an SSL transaction:
1. You send our
server a request for documents to be transmitted using
the "https://" protocol.
2. Our server sends its
certificate to your computer.
3. Your computer then
checks to see if the certificate is verified by a
trusted source.
4. Your computer compares the
information in the certificate with the information it
received (the domain name and key). If this information
is a match, your computer accepts our site as
authenticated.
5. Your computer tells our server what
ciphers (encryption algorithms) it can communicate
with.
6. Our server chooses the strongest common
cipher and informs your computer of its choice.
7.
Your computer generates a key using the agreed upon
cipher.
8. Your computer then encrypts the key and
sends it back to our server.
9. Our server receives
the encrypted key and decrypts it.
10. Your computer
and our server then use the key for the life of the
transaction.
As you can probably tell from the
above example, securing information through SSL takes
time. Therefore, you may notice that pages don't load as
quickly as they would without the security. But in the
interest of safety, this delay is worth the few extra
seconds.
For your safety and convenience, we only
operate over a secure connection from the time you want
to "check out" to the time your order is confirmed.
SSL does come with a catch. Even though our web
server fully supports SSL, it will only work with
SSL-friendly browsers. While most browsers do support
SSL, some archaic versions do not. If you receive an
error when trying to access the secure portion of our
site, please contact us for information on how to best
place a safe order. |
|
