This Web site takes every precaution to protect our users’
information. When users submit sensitive information
via the Web site, their information is protected both online
and off-line. When our registration/order form asks users
to enter sensitive information such as their credit card
number, that information is encrypted and is protected with
the best encryption software in the industry known as SSL
or Secure Socket Layer.
After CHECK OUT, customers are connected
to a secure server for their name, mailing address, contact
information, and credit card number. The secure server guards
against information being stolen or altered as it travels
over the internet by encrypting personal information or
converting it into unintelligible data. SSL encrypts the
data before transmission over the Internet using 128-bit encryption.
The data is translated into a secret code that can only be deciphered
by a secret key that is given to the intended recipient.
It uses Public/Private Key Encryption. The public key is
for senders and the private key is for recipients. It is
virtually impossible for unauthorized holders of the public
key to deduce the private key. It is estimated
that it would take someone a trillion years to break the
strongest encryption forms such as SSL because it uses 128-bit
encryption. That’s how hard the technology is to penetrate.
Consumers are at more risk giving their credit card numbers
to a waiter in a restaurant or to a gas station employee
than they are giving their credit card numbers to an online
merchant.
In fact, despite the impression the news media may have given,
there has not been a single documented case of fraud involving
the interception of a credit card number transmitted via
a secure server over the Internet to date!
*Important*
Email is NOT a secure means to send information as it is
not encrypted. We strongly encourage you to use our secure
ordering process when shopping.
Keep in mind that Visa and MasterCard have a zero liability
policy for their credit card holders for purchases made
online. This means that customers are never responsible
for unauthorized transactions on their credit cards.
What is Secure Socket Layer?
Secure Socket Layer is a security protocol that was first introduced
by Netscape in the early '90s. SSL will allow users to send
and receive information to companies on the World Wide Web
in an encrypted manner. This means that any information,
such as text, pictures, and forms, that is transmitted through
Web browsers will be completely encrypted. When information
has to get from one point to another, it travels throughout
several computers. The data that is sent through the Internet
may travel across 25 or 35 networks. When this data is in
transit, any one of these computer systems represents an
intermediary with the potential to access the flow of information
between the user's computer and a trusted server. The Internet
does not provide built-in security. However, SSL will encrypt
the data in a manner that will prohibit interlopers from
reading data that the user is sending or receiving. SSL
provides privacy, authentication and message integrity.
How Does Secure Socket Layer Work?
Upon the initial connection, SSL does a security handshake, which
is used to start the TCP/IP connection. SSL uses encryption
and authentication technology developed by RSA. RSA is a
public-key cryptosystem used for both encryption and authentication.
RSA is part of many official standards worldwide. Data that
is encrypted with the public key can only be decrypted with
a private key, and vice versa. Authentication is the process of verifying
that the user is actually who he or she claims to be.
During a secure transmission, the client and the server use what
are called keys. As mentioned earlier, there are two keys,
a public key and a private key. The public key is available
to everyone; however, the private key is only available
to the user. For example, suppose John wanted to send Mary
a message. John can use Mary's public key to encrypt the
message and then send it to her. Once Mary receives the
message, she can decrypt it by using her private key. Mary
can be assured that she was the only one to read the message,
because only her private key can decrypt the data that was
encrypted using the public key.
In order to make the message even harder to decrypt, a technique
known as a digital signature is used.
A digital signature is a code that can be attached
to the message that is being sent, that uniquely identifies
the sender. The purpose of the digital signature is to guarantee
that the user sending the message is actually who he or
she claims to be. However, there is still a problem with
this. By having only a public-private key and a digital
signature, any user can still fake who he or she is. To
solve this problem, another attachment is made to the message.
A digital certificate verifies the connection between the
server's public key and the server's identification.
These certificates are issued by third parties called
Certificate Authorities (CAs). A Certification Authority is a trusted authority
responsible for issuing certificates used to identify a
community of individuals, systems or other entities which
make use of a computer network.
A user that wishes to send an encrypted message applies for
a digital certificate through a CA. The CA issues an encrypted
digital certificate containing the user's public key and
a variety of other identification information that was mentioned
above. The CA uses its private key to encrypt the digital
signature, so it cannot be forged.
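
The certificate check described above, as an added example that is not part of the original page: a CA signs a certificate binding a server name to a public key, and the client accepts it only if it chains to the CA it trusts and names the host it asked for. The names "Example CA", shop.example and other.example, and the helpers must, issue, verify and demo, are constructed for illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue makes a key pair for name and a certificate signed by caKey (nil ca: self-signed root).
func issue(name string, ca *x509.Certificate, caKey *rsa.PrivateKey, hosts ...string) (*x509.Certificate, *rsa.PrivateKey) {
	key := must(rsa.GenerateKey(rand.Reader, 2048))
	t := &x509.Certificate{Subject: pkix.Name{CommonName: name}, DNSNames: hosts,
		SerialNumber: must(rand.Int(rand.Reader, big.NewInt(1<<62))),
		NotBefore:    time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	if ca == nil {
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage = true, true, x509.KeyUsageCertSign
		ca, caKey = t, key
	}
	der := must(x509.CreateCertificate(rand.Reader, t, ca, &key.PublicKey, caKey))
	return must(x509.ParseCertificate(der)), key
}

// verify is the client-side check: the chain must end at trustedCA and the name must match host.
func verify(leaf, trustedCA *x509.Certificate, host string) error {
	roots := x509.NewCertPool()
	roots.AddCert(trustedCA)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err
}

func demo() (genuine, wrongHost, rogueCA error) {
	ca, caKey := issue("Example CA", nil, nil) // the CA the client trusts (constructed)
	good, _ := issue("shop.example", ca, caKey, "shop.example")
	rogue, rogueKey := issue("Example CA", nil, nil) // impostor: same CA name, different key
	fake, _ := issue("shop.example", rogue, rogueKey, "shop.example")
	return verify(good, ca, "shop.example"), verify(good, ca, "other.example"), verify(fake, ca, "shop.example")
}

func main() { fmt.Println(demo()) }
```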
By using the methods of encryption described so far, no hacker
will be able to read messages that do not belong to them.
However, there is still a chance that the hacker that stands
between two users can damage the messages that are sent,
although he cannot read them. The hacker can just replace
the message with garbled information. This is possible because
he knows what protocol the users are utilizing. In order
to prevent this, a new technique has been introduced called
Message Authentication Code (MAC), which can be used in
the protocol. A MAC uses an algorithm that computes a secret
piece of data that is then added to the message. The values
of a MAC can be 40 or 128 bits, which would make it impossible
to try to figure out what the right MAC is. The odds of
guessing are 2 to the power of 128.
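
The MAC check described above, as an added example that is not part of the original page: the sender appends a 128-bit keyed tag to each record and the receiver rejects any record whose tag does not match. It goes slightly beyond the text by covering a record sequence number as well, so a replayed or reordered record is also rejected. HMAC-SHA256, the key, the sample payload and the helper names are assumptions chosen for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

const tagLen = 16 // 128-bit tag, the larger size the text mentions

var errBadMAC = errors.New("record rejected: MAC mismatch")

// tag computes HMAC-SHA256 over the sequence number and payload, truncated to tagLen bytes.
func tag(key []byte, seq uint64, payload []byte) []byte {
	m := hmac.New(sha256.New, key)
	var s [8]byte
	binary.BigEndian.PutUint64(s[:], seq)
	m.Write(s[:])
	m.Write(payload)
	return m.Sum(nil)[:tagLen]
}

// seal returns payload followed by its MAC (sender side).
func seal(key []byte, seq uint64, payload []byte) []byte {
	return append(append([]byte{}, payload...), tag(key, seq, payload)...)
}

// open recomputes the MAC, compares in constant time, and returns the payload only on a match.
func open(key []byte, seq uint64, record []byte) ([]byte, error) {
	if len(record) < tagLen {
		return nil, errBadMAC
	}
	payload, got := record[:len(record)-tagLen], record[len(record)-tagLen:]
	if !hmac.Equal(got, tag(key, seq, payload)) {
		return nil, errBadMAC
	}
	return payload, nil
}

func main() {
	key := []byte("constructed-demo-mac-key") // in SSL the MAC key comes out of the handshake
	rec := seal(key, 0, []byte("ship to: 12 Main St"))
	_, intact := open(key, 0, rec)
	rec[3] ^= 0x01 // an intermediary alters one bit in transit
	_, altered := open(key, 0, rec)
	fmt.Println("intact:", intact, "| altered:", altered)
}
```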
There are two ways to find out whether a document comes from a
secure server. One way is to look at the URL. If the URL
begins with https:// as opposed to http://,
then the document comes from a secure server. Another way
to verify the security of a document in a Netscape browser
is by looking at the golden key in the lower left corner
of the screen. If the key displayed is broken with a gray
background, that means that the document is insecure. However,
if the key is not broken and a blue background is displayed,
then the document comes from a secure server.