Our web site implements several techniques to ensure the security of our customers. This document will attempt to explain the methods we use.
This method of security is one that every secure web site on the internet should implement at the very least. This involves the familiar 'lock icon' that should be at the bottom of your browser window. The exact position of it will change from browser to browser. Internet Explorer for Windows puts the lock icon in the bottom-right hand corner. Internet Explorer for Macintosh puts it in the bottom-left hand corner. Most browsers will allow you to view the credentials of the web server by double-clicking on the lock icon. Feel free to do this now if you wish to.
Browser link security is simply a method of encrypting all traffic to and from the web site and your web browser, securing it from interception along the way. It also ensures that the web site actually is the site it is identifying itself as, since some malicious methods can fool your browser into thinking it's going to one site when really taking you to another.
Once you place an order on our web site using a credit card, the credit card gets stored in a database on our server until it is processed, typically within 24 hours. After the credit card is processed, it gets deleted from the database. This is a stark contrast to many companies that store your credit card in their databases indefinately. This is not only irresponsible, but completely unnecessary as well.
In addition, the credit card numbers that we store are not kept in a format that is readable, even if somehow the security of our server was compromised. We use a method invented by RSA Security that allows an encryption key to be split into two parts. One part of the key can only be used to encrypt data, not decrypt it. This portion of the key is on the server, though the other is not. The other portion of the key is stored password-protected off-site. This means that even if the database was compromised, our client's credit card numbers will not be.