Secure Data Transmission

Secure DataEmail Security
Credit Card Data
RFID Protection
Blocking Spam
Internet Scams and Fraud

Secure Data Transmission

So, you've got credit card security under control, hey? How about this one. Not all that long ago, the director of ammonet requested train reservations via the Swiss National Railways secure web site. Being an efficient service, within an hour they sent back an e-mail confirming the reservation. They included the full details of the journey and also the full details of the ammonet credit card - number, expiry date, card holder, the lot. Perhaps you'd better read on . . .

Credit card data

ammonet offers ammonet Secure, a browser-based secure credit card data transmission system FREE to all ammonet hosting customers. This system is ideal for businesses who already have credit card handling facilities and who require an easy-to-use, secure method to receive and store credit card details from their customers. Please note that this is a data transmission and storage system. It does not process or collect funds from credit card transactions.

Click here for details on credit card data transmission

SMTP security

As a security feature to prevent the use of the SMTP of your ammonet Business or Professional Account as a relay station for transmission of Unsolicitied Commercial E-mail (UCE, SPAM) and other unauthorised e-mail, valid users are authenticated by comparison with IP addresses previously recorded by your POP server. If you use a dial-up provider, it is likely that you are assigned a different IP address each time you log on. If you intend to transmit email via your ammonet SMTP, you should therefore check your incoming e-mail at least once each time you connect to your provider. On many e-mail programs, you can enable a feature that automatically checks your incoming e-mail before transmitting outgoing e-mail.

How to recognise a secure form

There are basically three indications that the form you are using is encrypted:

1) The URL begins with https:// instead of http:// The s stands for secure and indicates that a kind of http specifically for encrypted transmission is being used.

2) Most browsers have a padlock or key icon somewhere on the frame (lower left for Netscape, lower right for Internet Explorer). If the browser recognises a secure form, the padlock will be represented as closed or the key as unbroken.

3) Right click a web page and select "Properties" (Internet Explorer) or "View Page Info" (Firefox / Mozilla). This will open a panel that gives the complete details of any security measures employed. It will give the name to whom the secure certificate has been issued (in the case of ammonet-secure.net, the owner is Benson Web Services, Zuerich, Switzerland), who issued the certificate (Thawte, a subsidiary of Verisign), when it expires, level of encryption (128 bit)

4) If the Thawte logo is displayed, click on it to open a link to the Thawte database which will validate the certificate in terms of date, owner, site name and whether the certificate matches the site it is being viewed from.

Most browsers display a warning if you are about to access a secure page that does not match the certificate with which it is associated.

Disclaimer: ammonet utilises the most modern, industry-standard encryption technology available. Transmitted data are encrypted in transit, both from the buyer's computer to the server and from the server to the merchant's computer. Unlike some other services, we store all of our data on the secure server, which is itself an SSL-secured computer, in encrypted form. Nevertheless, we cannot definitively exclude the possibility that our server could be accessed by unauthorised intruders. We therefore offer no guarantee whatsoever that any data stored on our server are immune to unauthorised access, and we accept no responsibility whatsoever for damages arising from compromised encryption on our servers. We advise all of our users to delete data that are unlikely to be of future use.


What is SSL (secure socket layer)?

Working with your Secure Server directory

The secure server location is: https://www.ammonet-secure.net Your secure directory will, most likely, be named similarly to your username. We will e-mail to you a login name and password to log into the secure server via FTP so that you can set up your files. You can make sub-directories under your secure directory, as well.

The secure server does have some limitations. The foremost limitation is that you cannot run your CGI scripts on the secure server. This is for security reasons and due to the amount of server load unlimited scripts would inflict on a secure server with several hundred customers on it. We do, however, provide you with an interface to a form mail script (fmail.pl, just like the one in your virtual server) that allows you to use online order forms to process any sensitive information a customer would not normally transmit over an unsecured site (e.g. credit card information). You interface with the fmail.pl in the same way that you do on your normal virtual server, except that in the thankyou reference, you must change the URL to the secure server rather than your normal virtual server. Details are provided with the instructions for the secure server sent to you when you request the secure server activation. PGP encryption

PGP now!

The issue of security has arisen regarding the transmission of the processed mail form from the secure site to unsecured e-mail (where all forms processed by form mail go). This problem is most easily by-passed using the ammonet secure data transmission system. However, it is also possible to implement PGP security (Pretty Good Privacy) that will encrypt the e-mail as it leaves the secure server to be decrypted upon arrival at its destination by the recipient's PGP. PGP, in itself, is a VERY stable and secure encryption system. ammonet supports RSA encryption. We do not support DSS/Diffie-Hellman encryption keys. When you install PGP, be sure to chose the appropriate version so that you are able to generate RSA keys. Most of the free international versions do this (www.PGPi.com). Some of the latest North American versions offer only DSS/Diffie-Hellman). The MCPS electronic gateway used in our full e-commerce option uses this technology.

• Enabling PGP encryption for your Secure directory

First, you should know what PGP is, how it works and have a functional copy on your work station. If you do not, then you need to reach this point before working on your secure directory. You can obtain a copy of the appropriate PGP program from the links below. PGP is available as freeware and in commercial applications, as well as for different OS platforms, such as Mac and Windows, and in different languages. We do not go into great detail on our site about the use or configuration of PGP because it can be different from system to system and version to version. After you have reached the point of utilising PGP on your own computer, you are ready to implement PGP on your secure directory. Send us your public PGP key for implementation on your secure directory (if you don't know what we are referring to, you need to read the PGP documentation some more).

http://web.mit.edu/network/pgp.html - the MIT distribution site for the freeware version of PGP for use in the USA and Canada.

http://www.PGPi.com/ - the International PGP Homepage with downloads, faqs, and extensive documentation.

http://www.pgp.com/ - the developers of PGP, direct support, information on features, free download for personal use etc.

http://cryptography.org/getpgp.htm - PGP FAQs.

Obtaining your own Secure Server

Do you need to have a secure server in your own domain name? Do you need to utilise CGI scripts on a secure site (a shopping cart system, for example)? You have the option to obtain your own secure server installed along with your virtual server. Having your own secure server has its costs, however. There are setup fees for the secure certificate through Thawte or Verisign ($100-$300), then the fees for setting up the secure server software and generating the secure server keys needed to interface with the secure certificate. If you are interested in getting your own secure server, please e-mail us for more information. EMAIL LINK


Secure server

ammonet secure data transmission system is sufficient for most secure transmission requirements. However, should you wish to put a highly confidential document on-line, ammonet can provide you with a secure directory on our secure server, without extra charge, for this special application. The secure directory allows you to offer secure information over the SSL (secure socket layer), protecting and encrypting all data transferred between the visitor and the server.

Working with your Secure Server directory

The secure server location is: https://www.ammonet-secure.net Your secure directory will, most likely, be named similarly to your username. We will e-mail to you a login name and password to log into the secure server via FTP so that you can set up your files. You can make sub-directories under your secure directory, as well.

The secure server does have some limitations. The foremost limitation is that you cannot run your CGI scripts on the secure server. This is for security reasons and due to the amount of server load unlimited scripts would inflict on a secure server with several hundred customers on it. We do, however, provide you with an interface to a form mail script (fmail.pl, just like the one in your virtual server) that allows you to use online order forms to process any sensitive information a customer would not normally transmit over an unsecured site (e.g. credit card information). You interface with the fmail.pl in the same way that you do on your normal virtual server, except that in the thankyou reference, you must change the URL to the secure server rather than your normal virtual server. Details are provided with the instructions for the secure server sent to you when you request the secure server

Obtaining your own Secure Server

Do you need to have a secure server in your own domain name? Do you need to utilise CGI scripts on a secure site (a shopping cart system, for example)? You have the option to obtain your own secure server installed along with your virtual server. Having your own secure server has its costs, however. There are setup fees for the secure certificate through Thawte or Verisign ($100-$300), then the fees for setting up the secure server software and generating the secure server keys needed to interface with the secure certificate. If you are interested in getting your own secure server, please e-mail us for more information.
























Site Map

ammonet.ch | ammonet.de | ammonet.fr | ammonet.it

All text, translations, images and coding are Copyright © 1997-2017 ammonet InfoTech. All rights reserved.