When you are running an ecommerce site, it is necessary to encrypt the data your customers enter into your shopping cart or other areas of your website. While an SSL certificate can handle this to some degree, the standard of protection is PGP. PGP stands for Pretty Good Privacy and will allow your customers to submit their data to you in an encrypted form.
If you have your customers’ orders emailed to you, it is vital to use PGP to make sure that this data will not be intercepted before it reaches you. Some shopping carts include credit card numbers in these emails, putting your customers at high risk.
How does PGP work?
PGP works across several platforms, including Windows and Unix, and offers encryption and authentication features that cannot be found elsewhere. This is achieved through the use of special keys. Your server will have one key, and you will have another for your email account if you choose to have your orders transferred to you by email. These keys ensure that the person who was intended to receive the data is indeed the person opening the encrypted mail.
If someone did manage to intercept this email, all they would see is a string of nonsensical characters. This is due to PGP’s encryption of the email. Until the correct matching key is applied, the contents of the email will remain encrypted.
In addition to encryption, authentication of the sender is also provided. When the message is encrypted, it is digitally signed. You can be certain that it is your server sending you your customers’ orders, and the server is sure that you are the one opening it.
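The key arrangement described above, sketched with GnuPG 2.1 or later as an added example (not code from the original article): the shop server holds only the merchant's public key, so it can sign and encrypt an order but cannot read it back. The addresses, key names and order text are constructed, and the empty passphrases and `--trust-model always` are demo shortcuts.

```shell
#!/bin/sh
# Added example. Keys, addresses and the order text are constructed.
set -eu
WORK=$(mktemp -d)
SERVER="$WORK/server"; MERCHANT="$WORK/merchant"   # two separate keyrings
mkdir -m 700 "$SERVER" "$MERCHANT"
cleanup() {
  for h in "$SERVER" "$MERCHANT"; do GNUPGHOME="$h" gpgconf --kill gpg-agent || true; done
  rm -rf "$WORK"
}
trap cleanup EXIT
# g HOME ARGS...: run gpg non-interactively against one party's keyring.
# Demo shortcuts: empty passphrase, and --trust-model always instead of
# checking the imported key's fingerprint out of band.
g() {
  home=$1; shift
  gpg --homedir "$home" --batch --quiet --no-tty --pinentry-mode loopback \
      --passphrase '' --trust-model always "$@"
}
make_key() { g "$1" --quick-generate-key "$2" default default never; }
swap_pubkeys() {   # only public keys cross between the two parties
  g "$SERVER" --armor --export server@shop.example | g "$MERCHANT" --import
  g "$MERCHANT" --armor --export owner@shop.example | g "$SERVER" --import
}
# Server: sign with its own private key, encrypt to the merchant's public key.
seal_order() {
  g "$SERVER" --armor --sign --encrypt -u server@shop.example -r owner@shop.example
}
# Merchant: decrypt, and release the text only if the signature checks out.
open_order() {
  g "$MERCHANT" --status-fd 3 --yes --output "$WORK/plain" --decrypt \
    3>"$WORK/status" || return 1
  grep -q '^\[GNUPG:\] GOODSIG ' "$WORK/status" || return 1
  cat "$WORK/plain"
}
server_can_read() { g "$SERVER" --decrypt >/dev/null 2>&1; }

make_key "$SERVER" "Shop Server <server@shop.example>"
make_key "$MERCHANT" "Shop Owner <owner@shop.example>"
swap_pubkeys
ORDER='Order 1001 (constructed): 2 x widget, ship to 1 Example Street'
SEALED=$(printf '%s\n' "$ORDER" | seal_order)
printf '%s\n' "$SEALED" | head -n 3          # all an interceptor would see
OPENED=$(printf '%s\n' "$SEALED" | open_order)
echo "merchant reads: $OPENED"
if printf '%s\n' "$SEALED" | server_can_read
then echo 'server can decrypt (unexpected)'
else echo 'server cannot decrypt: it holds no matching private key'; fi
```

In a real deployment the merchant's private key stays off the web server entirely, and each side confirms the other's key fingerprint before trusting it.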
You can use PGP for more than just sending orders. If you want to ensure that all of your email is private, you can set up encrypted emails and distribute keys to your intended recipients. This is very helpful for interdepartmental mail that may contain sensitive information about your company.
There are several different methods of using PGP encryption on your server and for your email. One of the most popular methods is provided by pgp.com, also known as the PGP Corporation. They offer a host of different applications that can secure your server’s data, your email and much more.
For more information on how PGP works or if you are interested in implementing PGP, you can visit pgp.com to learn more. There are many different types of solutions offered that range from as low as $59 to several hundred dollars.
If you do not want to purchase a PGP solution, there are other alternatives, such as GnuPG. Our next article will compare the freeware version of PGP to the traditional version and we’ll see if it can live up to its more expensive counterpart.
Before purchasing or downloading any PGP solution, you should check with your web hosting company and your shopping cart documentation to see what form, if any, of PGP they support.
Posted on 12/14/05 10:34 PM