Security on the Internet

There are so many reasons why E-Commerce security is heavily looked into by the authorities and by your customers. People are still uneasy about purchasing with credit cards online. However, with your help in informing your customers about how secure your transactions really are, we can all help the Canadian E-Commerce market increase drastically.

Basically, there are two definitions to understand in online security and they are SET and SSL.

Secure Electronic Transactions, (SET), is an open standard detailing the use of payment cards over open networks such as the Internet. SET uses digital certificates to authenticate parties involved in a transaction. Introduced by Visa and Master Card, with assistance from technology partners IBM, Terisa Systems, GTE, VeriSign, RSA, Netscape, Microsoft and SAIC. The specification was completed in May 1997.

Secure Sockets Layer, (SSL), is a security protocol and emerging standard like HTTP (Hyper Text Transfer Protocol) to transfer information across the Internet. The main difference between the two is that SSL, developed by Netscape, has made special provisions (via various key encryption schemes) to transfer information securely across the Internet. 
Netscape defines its product as 

"a protocol for providing data security layered between application protocols (such as HTTP, Telnet, NNTP, or FTP) and TCP/IP. This security protocol, called Secure Sockets Layer (SSL), provides data encryption, server authentication, message integrity, and optional client authentication for a TCP/IP connection". 

SSL will enable a web site visitor's browser to connect and transparently negotiate a secure communication channel. Once this connection has been made, information can be exchanged with theoretically no chance of any unauthorized third party interpreting the data.

How does SSL work toward fraud protection?

Quoting from the technical specifications on Netscape's Data Security page on Secure Socket Layers:

"SSL provides a security "handshake" that is used to initiate the TCP/IP connection. This handshake results in the client and server agreeing on the level of security they will use, and fulfils any authentication requirements for the connection. Thereafter, SSL's only role is to encrypt and decrypt the Bytestream of the application protocol being used (for example, HTTP, NNTP, or Telnet). This means that all the information in both the HTTP request and the HTTP response are fully encrypted, including the URL the client is requesting, any submitted form contents (including things like credit card numbers), any HTTP access authorization information (user names and passwords), and all the data returned from the server to the client. 

Even after the server software is installed and operating on a particular system, the site is still not in secure mode. There remains one essential step necessary to insure that the server has the proper security verification: the registration of that site's encrypted key pair, generated by an encryption authority (such as Verisign). Without having an installed and verified encrypted key pair, the site is no more secure than any other Web server." 

The restriction for utilizing SSL or an SSL-enabled product is a propriety one... i.e. it requires specific browser software to fully integrate all of the encryption schemes necessary to maintain security. 

The following browser's are security enabled: Netscape Navigator, (UNIX/Mac version 1.12 and later or Windows version 1.22 and later), IBM Internet Connection Secure WebExplorer (version 1.1) for OS/2, Delrina Cyberjack Web (version 7.00), Prodigy Web Browser (version 1.4b), Internet MCI (version 1.0), and Microsoft's Internet Explorer. 

**Your web site will need a SSL certificate, and we are pleased to announce that we can supply you with the fastest SSL product online, at a great price. To find out more about purchasing your own Quick SSL, then please click here.**

ArvicSecure Bottom Line:

We are using one of the Verisign families of SSL programs. Our customer's data is safe. Your customer's credit card numbers are never seen, stored, or saved. 

We process the credit cards over these secured paths. You, neither your database, nor your customers require any software or plug-ins that are not readily available for free via download on the Internet today. Thus, making your Internet transaction fast and easy.

Resources:
Netscape data Security. Technical Details. [On-Line] Available: http://www.cs.ru.ac.za/Honours/mmcourse/security/netscape-security.html#tech
Mastercard International
Verisign

We have a network of web sites and services

We have a network of other web sites and services....

to Start your Business;

 to Protect your Business; to Expand your business; ...and to make Money; 

Arvic Search Services Inc.
Suite 260, 2323 - 32 Ave. N.E. Calgary, Alberta Canada T2E 6Z3
Phone: 403-234-0844  Toll Free: 1-888-227-8421  Fax: 403-294-0944     or    Email Us