SSL
"Security" once evoked images of gold and cash
protected by armed guards and steel bars. On the Internet, information
– not gold – is the precious resource. Locks and keys have given way
to Public Key Infrastructure and steel bars to Firewalls. The Web lets you exchange data in seconds, but it also creates the risk of "spoofing," interception, and tampering. That's why solutions like privacy, encryption, digital certificates, and secure email are essential to everyone online, whether you're implementing an e-commerce site, posting confidential information on your intranet, or using your credit card to shop on the Web. When it comes to protecting yourself on the Web, you can't be too careful. Is It Safe to Shop on the Internet? When you shop on the Internet, you have the same concerns as you do when you use a catalog to shop over the telephone.
In the real world, you often give your credit card to cashiers or waiters, and you give out your account number over the phone when placing an order. Using your credit card number on the Internet is no more dangerous than these practices. In fact, it is often more secure to give out your account number over the Internet, because many sites work with your browser software to encode your transaction so if outside parties intercept it, they won't be able to read it. We counter security threats with a technology called SSL (Secure Sockets Layer). SSL is a set of rules followed by computers connected to the Internet. These rules include encryption, which guards against eavesdropping; data integrity, which assures that your communications aren't tampered with during transmission; and authentication, which verifies that the party actually receiving your communication is who it claims to be. To check a site's security status, look at the site's URL in your browser window. An "s" added to the familiar "http" (to make "https") indicates that SSL is in effect. In Netscape Navigator 3.0 and earlier, the broken key symbol in the lower-left corner of your browser window becomes solid when you are in secure mode. In Netscape Communicator 4.0 and 4.5, the padlock symbol in the corner, usually open, is closed in secure mode. In Internet Explorer 4.0, a closed padlock appears when you are in secure mode. If you're about to send information to a site that's not using SSL, your browser will warn you first. SSL protects your communications during transmission. However, you must also protect yourself by dealing only with Internet companies you are certain you can trust, just as you deal only with merchants who won't share your credit card numbers with others. The Federal Trade Commission is increasing its surveillance of Internet fraud, and the National Consumers League has created the Internet Fraud Watch, an online service for reporting frauds. Are Internet Banking and Investment Transactions Safe? Online banking and investment services, and your browser, also rely on encryption to protect the information in your transactions. Before your computer transmits your information to an online financial service, the information is encrypted - turned into code. When the information reaches its destination, it is decoded. Anyone who intercepts the information during transmission receives only gibberish. Online financial services also encrypt all information they transmit back to you. |