Encryption is one of those often-misunderstood technologies. As I wrote about recently with firewalls, there is the notion – again thanks to movies and TV – that encryption is some black-ops technology that is beyond the capacity of the average computer user. But in fact, encryption is something that most Web users encounter quite frequently, and if your business conducts any form of e-commerce encryption it’s an absolute must.
As endless amounts of commerce and financial transactions have moved online, including the ability to pay bills, check bank balances and simply buying a book from Amazon.com, the Internet has changed the way people shop and conduct business. For instance, you’ll never speak to a clerk and the only shopping cart you’re likely to see is a virtual one on your desktop.
Because of this, it has made it all the more possible for your personal or business information to be tracked and gathered by third parties. This highly sensitive information could include credit card numbers, social security numbers, bank account data and other personal details, and there is the risk that it could be used by unauthorized persons. To combat the threat from fraudsters and hackers most major Web sites use some form of digital encryption to protect sensitive data.
In fact, the concept of encryption has been around for many centuries in the form of ciphers and codes. But in the decades following the Second World War encryption in a digital form was primarily only used by government agencies and major corporations – and no doubt this is why it is easy to think of encryption as a tool primary used by black-ops, spies and shadowy organizations.
Really until the advent of the ATM, most banking customers didn’t even have a PIN (personal identification number) and a signature was all that was required for most transactions when payment was made with a check or credit card. How the times have changed.
With increased use online via the Internet however, business is now commonly conducted where the various parties have practically no in-person contact. Orders on a Web site can be processed with a few clicks of the mouse. As a result, the buyer often never communicates with a seller and the seller simply processes orders much as it was done in the past via mail order. Likewise, credit card or banking information can be accessed via a Web site, and customers can transfer funds, make payments and even send money through services like PayPal.
All this is where encryption becomes crucial, and for this reason business owners should only use Web sites that offer a secure, encrypted page.
Historically encryptions in the form of ciphers were codes with transposition or substitution of characters. This made deciphering the information slow and tedious. Rotor machines, like the famous German “Enigma Machine” allowed for fast coding and decoding. But even this could be defeated with enough time and resources. With computers, this encryption and decryption can be done extremely fast, and in many ways the encryption from most Web sites is far more advanced than any used by governments only a few decades ago.
Today, there are symmetric key algorithms that are basically private-key cryptography, where two users must share the same software to read each other’s messages or information. This is used by businesses and government agencies to keep outsiders from reading any of the data. Each party needs to have the common key, but if this is key is compromised a new key can be provided for future transmission of information.
The other type of encryption, one that most computer users will likely encounter, is asymmetric key algorithm, which uses both public-key and private-key cryptography. With this method a user can send data via the public-key that is then encrypted, while the receiver, who is the only one who can decrypt the information, uses the private-key. This is how credit card information is protected when you’re ordering that bestseller or new DVD on Amazon.com. The downside to this type of key is that if a site is successfully hacked the user’s information is compromised.
However, when you consider that credit cards regularly pass through the mail, charge slips can be lost with vital information clearly printed, and cards stolen, encryption is actually pretty secure. It should make you feel a little bit better about ordering your next round of office supplies. And if your business involves e-commerce on any level, encryption can ensure that your customers’ data and private information does, in fact, remain private.