Questions about site security?
There is, of course, the short answer and the long answer. The
short answer is that we use SSL and PGP to provide an end-to-end
security solution that ensures your sensitive data is never
transferred or stored in an unencrypted format. For the long answer,
read on...
There are a number of different parts to website security for
an e-commerce enabled site, and a few in particular that you, the
consumer, should be concerned with. The most important technologies
to be aware of are SSL and PGP (we know, we know,
yet another bunch of computer acronyms...but bear with us).
The first component, and perhaps the most widely known in relation
to online commerce, is SSL. SSL (Secure Sockets Layer) is a protocol
layer created by Netscape for managing the security of message
transmissions in a network. In plain English, SSL encrypts
information traveling between your web browser and a web server. In
this way, even if some packets of the information you are submitting
to the server were to be intercepted (a fairly difficult and
unlikely event in itself), they would be in an encrypted format, so
the information would be unreadable by the interceptor.
SSL makes use of a digital ID, or certificate, installed on the web
server, with complementary pieces included in your SSL-enabled
browser. There are a number of CAs, or Certificate Authorities, who
provide server IDs. We have chosen Comodo (http://www.comodogroup.com)
as the CA for this site. The digital ID provides independent
third-party verification that a given business exists and is
operating a secure website at the given URL. It also allows the web
server and browser to negotiate 40-bit to 128-bit SSL encryption for
secure information transfers over the network.
Because an SSL-encrypted connection involves extra processing
overhead on both the client and the server, it would slow down your
shopping experience to host the entire store on the secure server.
As a result, most of this site operates on the unsecured server
area. Thus, as you are shopping, you may receive a warning when
adding or modifying a cart item that the transmission is not secure.
It is important to remember that the only information being
transferred at this point is which item you are adding or modifying.
There is obviously no need to incur the extra processing time of SSL
until you are actually submitting sensitive information.
So, when you are ready to check out, you are given a URL that links
you to our secure server area. Thus, when it is time to enter your
sensitive information, like your credit card number, you will always
be routed to the secure server. You may notice the http:// in your
browser location change to https://. You will most likely receive
notice from your browser that you are entering a secure area. You
may also notice other changes in your browser, depending on which
browser and version you are using.
In Netscape 3.x and earlier, you will notice a blue line at the top
of your web page screen, and the key in the lower left of your
status bar will become solid rather than being divided as usual. In
Netscape 4.x you will see the lock icon on the top button bar, and
in the lower left-hand corner of the status bar, go from being open
to being closed. Internet Explorer does not provide visual cues to
show the site is secure, but you will receive notice when entering
and leaving a secure area, unless you have altered your default
security options, and the URL will change from the standard http://
to https://.
OK, that sounds complicated enough. Now you've completed your order
and submitted your sensitive data, and your data is safe, right?
Well, almost. This is where another piece of the website security
equation comes into play. SSL only encrypts information while it is
traveling on the network. Once the information is back at the web
server, and no longer traveling on the internet, it is no longer
encrypted via SSL. PGP (Pretty Good Privacy, http://www.pgp.com)
provides file encryption that picks up where SSL leaves off. The
data received over the SSL connection is passed directly to the PGP
program, which immediately encrypts your order before it is written
to disk and emailed to the order processing department.
In this way, we provide an end-to-end security solution that
ensures your sensitive data is never transferred or stored in an
unencrypted format.
We hope you have enjoyed the long answer; we also hope you enjoy
our secure web store, and find it a convenient and pleasant shopping
experience.