|
I'm a little concerned about security: Please educate me.
There are two things to consider about Internet security:
1) Will my private information remain private?
Private information, such as credit card numbers, that you enter into the Kolander Images web site
is transmitted using Secured Socket Layer (SSL) protocol that uses a 128-bit encryption algorithm. When you see "https"
instead of "http" in your browser "Address" line, that indicates an SSL connection (some browsers also display a locked padlock).
That means that your private information is scrambled before being placed on the Internet, using the strongest and most sophisticated
method commercially available, and then descrambled when it arrives at the Kolander Images's web site and vice versa.
An unscrupulous person who intercepts a scrambled packet of information in route one direction or the other would need to
try roughly 340 Billion combinations of passwords before being able to decode the transmission, and without knowing what something
like a final credit card number is supposed to look like, there would be (for a 16-digit credit card number plus
4 digit expiration date) over a quadrillion possibilities that a given decoded number would be incorrect.
It is infinitely more likely that you would provide your credit card information to an unscrupulous
store or restaurant employee than be victim of a hacker selecting your transmission among trillions per day and
then applying hundreds of billions of decoding attempts against it in order to derive a single credit card number which holds
a one quadrillionth chance of being accurate. Such a prospect is truly mindboggling and represents a substantial mathematical
deterrent. In a nutshell, your odds of winning the lottery are far greater than the odds of your SSL transaction being
singled out and decoded. That's why there is $9 Billion in electronic commerce each year, and growing.
When you read about some hacker being arrested for obtaining credit card numbers, it's
because the hacker got into a storage file in the memory bank of a computer and not because they intercepted a transaction
over an SSL Internet connection. And by the way, Kolander Images does not store your credit card information on a computer,
so there is nothing a hacker would be able to obtain.
Of course, the more creative hackers are known as "Phishers" and they typically try and get you
to email them your private information, often masquerading as the technical support or billing center of some business.
Email is NOT SECURE. Kolander Images would NEVER request private information via email. Never email your private
information, PERIOD!!! Worse yet, Phishers offer up web sites that look precisely like the real thing, but the web site
address is slightly different. That's why we encourage you to inspect our GeoTrust insignia to verify that you have
the Kolander Images web site.
2) Is the web site that I'm sending my private information to indeed the business
that I think it is?
Ah, how do you know when you go to Checkout that you're actually talking to Kolander Images
and not RipOffsAreUs.com? Well, the first way is to look at the web address in your browser when you go to
Checkout. It should say "https: //kolanderimages.com/Merchant2/merchant.mvc?bla-bla-bla",
which indicates an SSL connection (via the "https" indicator and not just "http") to the Kolander Images web site and not
someone else's web site. But then, how do you know that RipOffsAreUs.com did not somehow hijack the "kolanderimages.com"
domain address and reroute it elsewhere? That's where your browser typically uses security Certificates. The Kolander
Images web site publishes a certificate to your browser that has the Kolander Images signature in the certificate, which you
can inspect, and further indicates that the certificate was manufactured on the same server. But how do know that the
certificate has not been forged in some way or stolen from elsewhere? That's where Internet Security providers such
as Verisign and GeoTrust come along and provide their own "trusted" (by browsers) certificates that contain the name
of the business you are dealing with and the server location. The Internet Security provider has contacted the business
in person and is endorsing that the business is not a shady RipOffsAreUs.com operation. In short, it's a form of insurance
that a real-world business matches its cyber-world business face.
Now, Internet Security provider certificates provide no greater protection of private information
than private certificates do because they both use 128-bit encryption (see #1 above). It's purely a matter of endorsement
by a "trusted" agent that Kolander Images is the real deal.
So, if you're concerned about whether Kolander Images is the "real deal", feel free
to inspect the security certificate or click on our GeoTrust endorsement seal on the home page. When inspecting a security
certificate covering an https session, look for the following:
Does the certificate match the domain name of the server (i.e. does it contain kolanderimages.com
or something else)
This means that someone else's "valid" certificate (like BankOfAmerica.com) is not being used elsewhere.
Does the certificate contain the true name of the business (i.e. does it say Kolander Images
or something else)
Is the certificate endorsed by a trustee of your browser
No problem, take me to Checkout
I would rather you contact me to complete my order: Please send us an email at orders@kolanderimages.com and include a telephone number
and contact information so that we can contact you back to obtain your order. Please, DO NOT supply a credit card number
or any other private information in an email to us or anyone else because EMAIL IS NOT SECURE.
|
