PGP
PGP
PGP (Pretty Good Privacy) is the encryption standard for secure email.
"The PGPi project is a non-profit initiative, whose purpose is to make
PGP freely and legally available worldwide. The project is largely based on
unpaid, voluntary effort by security and privacy minded individuals."
(www.pgpi.org)
Using PGP is simple. You download and install the software. This becomes a
plug-in to your email software (such as Eudora or Outlook Express). You then
export your public key file and send this to those whom you would like to
be able to send you encrypted messages.
Only you can then decrypt messages encrypted with your public key, in combination
with your secret key and your secret pass phrase.
We use PGP on our servers to encrypt messages and transaction information
to our merchants. This way we can delivery credit card information from our
shop carts and scripts in the email to our merchants, securely, without recourse
to the on-line credit card verifiers, thus saving our merchants a percentage
of every transaction. This has saved our merchants fortunes which would otherwise
have gone to the banks!
Using SSL for transactions, without using PGP to encrypt the data taken, is
a betrayal of your customers trust. Customers believe that SSL is secure and
safe to use, however, if the data taken is then simply emailed, in an unencrypted
state to the merchant, this is clearly a betrayal of trust. Therefore we strongly
recommend the use of PGP to our merchants and will gladly talk you through
installing it locally, exporting your key, and decrypting messages.
