|
What is SSL? SSL (secure sockets
layer), also known as secure server, provides for the encrypted
transmission of data across the Internet. SSL will enable a browser
to connect to your web site and exchange information such as credit
card numbers securely. SSL does not include the ability to process
credit card transactions. Although you can securely receive information
through SSL, actual processing of a credit card will require a
"Merchant Account" from an accredited financial institution.
How do I utilize SSL? To utilize
SSL you must obtain a Digital ID. Briefly, a Digital ID, also
know as a Digital Certificate, provides a complete security solution,
assuring the identity of all parties involved in a transaction.
Digital IDs are used much the same way as conventional forms of
identification, such as a driver's license or passport, to provide
irrefutable evidence of the owner's identity and, in some cases,
authority in a given transaction. Additionally, Digital IDs, bind
an identity to a pair of electronic keys that are used for encrypting
information.
How do I get a Digital ID? Digital
IDs are issued by a Certification Authority (CA), which can be
any trusted central administration willing to vouch for the identities
of those to whom it issues Digital IDs. Innovative Data Transfer,
at a customers request, will apply for a Digital ID on behalf
of your organization. VeriSign and Thawte are the most recognized
and largest Certification Authorities. Please contact support@inovadev.com
to start your application process.
How much will it cost? There is
no additional Innovative Data charge however the Certification
Authority will charge a fee for each Digital ID it issues. VeriSign
Digital IDs cost approx. $349 US for the Initial Digital ID.
This ID is good for one year from the date issued and subsequent
renewals are $249 US. There may be an additional charge if your
company is located outside the US or Canada. Thawte
Digital IDs cost approx.$125 US for the Initial Digital ID.
This ID is good for one year from the date issued and subsequent
renewals are approx.$125 US. There may be an additional charge
if your company is located outside the US or Canada.
Should I apply for a VeriSign or Thawte
Digital ID? Both VeriSign and Thawte are well known vendors
of Digital IDs and IDs from either vendor provide the same level
of security. Older browsers (in particular Navigator 3.x) may
need a quick adjustment before they work correctly with a Thawte
certificate. VeriSign Server IDs come with VeriSign's "NetSure
Protection Plan" which provides up to $100,000 of protection against
economic loss due to theft, impersonation, corruption, or loss
of use of an ID.
I have more than one account. Do I need
more than one Digital ID? Yes, each account must have
a separate certificate.
Will anyone have access to my keys?
It is a basic principle of public key technology that the private
key is never transmitted to anyone. In particular, your certificate
request will contain your public key only. So long as you protect
your private key, and provide no one with access to it, your key
will remain securely in your hands only. Innovative Data provides
this security for your private key.
What do I need to do to accept credit card
payments? Contact your local bank. You will need a merchant
processing account. The application process for a merchant processing
account is normally straightforward. Once you obtain an order,
it will be your responsibility to charge the credit card using
your merchant processing account.
How do I implement a SSL connection? Once
your user account has been setup to use a Digital ID you must
use a URL similar to the following : https://secure.inovadev.com/user-id/orderform.html
or if you have your own domain: https://www.yourdomain.com/orderform.html
The "s" in https:// suggests an SSL related file. If your secure
form is calling a cgi script remember you must also reference
that script securely.
|
