helping translators do better business - translatortips.com we are here to help you do better from your translation business

SSL Secure Servers and Site Security

There's a lot of rubbish flying about in the popular press regarding internet security. The people who write these articles often don't know what they are talking about. Does the average newspaper columnist know much about computers? NO! I have written this page to try to set your mind at rest regarding the safety of giving out your personal data and card details over the 'net using SSL Secure Servers - which is what translation-agencies.com and translatortips.com use for transaction processing.

The technology available today with modern web browsers (v3 or higher) and SSL encryption actually means that online transactions are as safe as:

Is fax safer?

In fact, you might feel that you are safer ordering one of my products by fax. But stop and think for a moment! You write your card number down on paper and fax it to me, so I have a paper copy. I then process your transaction and burn your fax after I record your personal details (excluding card number). What do you do with your copy? Throw it in the trash? Well - there's a big security hole right there! What happens to your trash? Most of it gets dumped in land-fill sites. Do you want your card details blowing about on a land-fill site?

Imagine the same transaction processed through our real-time SSL server. You type in all your details and submit them to the secure server at Netbanx. What you may not know is that your card is verified against various bits of the personal data that you provide, namely postal code, name etc. - security must be tight because you can't physically sign the receipt!

The other thing is that I never get your card number! It goes straight to the processing bank's computers and I just get the money deposited to my account when a successful transaction is completed.

Chargeback

Another thing most people don't know about is called 'chargeback'. If you see a transaction on your card statement that you don't think you made, you can call your card company, and if it was indeed a fraudulent transaction you can have it cancelled. This is called a chargeback! It isn't hard to do, and most card companies will allow you to query any transactions within 90 days of the transaction date.

So what are you saying?

What I am saying is this! Part of the press is screaming about fraud on the internet and insecure systems, while the other part is screaming about how the internet is the way of the future, how ecommerce is going to be the biggest business revolution ever to hit the world. Well let me tell you this! One of these parts MUST BE WRONG! I wouldn't have started an ecommerce site if I was worried about a significant risk from card fraud! Responsible companies, who take adequate precautions and invest in the right technology - which exists and is in widespread use already - are doing a significant amount of business on the web. These precautions don't come cheap, mind you! It costs me 8% per transaction to use this technology - but I see this as the price of ecommerce and accept it as a necessary cost of doing business on the web.

So I hope I have at least managed to knock a few holes in some of the silly sensationalist arguments which buzz around in the media. If you want to go back to the ordering page please click the left arrow in your browser!

The rest of this page has some definitions and technical information about SSL technology.

Definitions:

SSL

An acronym for Secure Sockets Layer, SSL is a protocol developed by Netscape Communications Corporation for securing data transmission in commercial transactions on the Internet. Using public-key cryptography, SSL provides server authentication, data encryption, and data integrity for client/server communications.

Encryption

A way of coding the information in a file or e-mail message so that if it is intercepted by a third party as it travels over a network it cannot be read. Only the person or persons that have the right type of decoding software can unscramble the message.

Secure Servers

Netscape Corporation has created the best known secure server technologies. They use a security protocol called Secure Sockets Layer (SSL), which provides data encryption, server authentication, message integrity and optional client authentication for a TCP/IP connection. When a client program connects with a secure server, they exchange a "handshake" which initiates a secure session. With this protocol, the same server system can run both secure and insecure web servers simultaneously. This means an organization or company can provide some information to all users using no security, and other information that is secured. For example, a business that sells products online can have its storefront (merchandise catalog) unsecured, while its ordering and payment documents or forms are secure.

Cryptography

The process of securing private information that is passed through public networks by mathematically scrambling (encrypting) it in a way that makes it unreadable to anyone except the person or persons holding the mathematical "key" that can unscramble (decrypt) it. The two most common types of cryptography are "same-key" and "public-key." In same-key cryptography, a message is encrypted and decrypted using the same key, which is passed along from one party to another in a separate transmission. A more secure method is public-key cryptography, which uses a pair of different keys (one public, one private) that have a particular relationship to one another, such that any message encrypted with one key can only be decrypted with the other key and vice versa.
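
An added illustration (not code from this site, Netbanx or Netscape's SSL) of the two kinds of cryptography defined above working together: the public key protects a fresh secret, and same-key encryption plus an integrity tag protects the message itself. The small RSA primes, the hash-based toy cipher and every function name are assumptions made for the demonstration and are not secure for real use.

```python
import hashlib
import hmac
import secrets

# Toy RSA key pair from two known Mersenne primes (constructed for this demo).
# Real keys use far larger random primes plus padding; never use this as-is.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q                          # public modulus
E = 65537                          # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent


def rsa_apply(value: int, exponent: int) -> int:
    """The single operation both keys perform: value^exponent mod N."""
    return pow(value, exponent, N)


def derive(secret: int, label: bytes) -> bytes:
    """Turn the shared secret into a separate key per purpose."""
    return hashlib.sha256(label + secret.to_bytes(12, "big")).digest()


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Same-key toy cipher: the same call encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)


def client_send(message: bytes):
    """Client: wrap a fresh secret with the PUBLIC key, then use same-key crypto."""
    secret = secrets.randbelow(N - 2) + 2
    wrapped = rsa_apply(secret, E)
    ciphertext = keystream_xor(derive(secret, b"enc"), message)
    tag = hmac.new(derive(secret, b"mac"), ciphertext, hashlib.sha256).digest()
    return wrapped, ciphertext, tag


def server_receive(wrapped: int, ciphertext: bytes, tag: bytes) -> bytes:
    """Server: only the PRIVATE key recovers the secret; reject altered data."""
    secret = rsa_apply(wrapped, D)
    expected = hmac.new(derive(secret, b"mac"), ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")
    return keystream_xor(derive(secret, b"enc"), ciphertext)
```

Calling `rsa_apply` with `D` first and `E` second also returns the original value, which is the "vice versa" direction: something only the private-key holder could have produced, checkable by anyone with the public key.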