Security of your purchasing information is our top priority!  Below you will find general information on our security. 

How secure is our site?

We have the highest possible security available to date.  The United States remains the world leader in encryption technology to secure data.  The highest legal encryption available to commercial use in the U.S. at this time is 128 Bit Encryption using Secure Socket Layer Protocol.  128 Bit Encryption is not exported outside the United States.  This ensures that we maintain the highest level of security.  We have partnered with GeoTrust to utilize Secure Server SSL Certificates to be sure to provide you with a non-shared, Secure Server Certificate which encrypts your data to be sure that your data is safe with us.  True BusinessID™ from GeoTrust® is the ultimate online security and trust solution delivering both 128-bit SSL security and the True Site™ trust mark providing third-party website identity validation.

What is SSL?

The Secure Sockets Layer (SSL) protocol, originally developed by Netscape, has become the universal standard on the Web for authenticating Web sites to Web browser users, and for encrypting communications between browser users and Web servers. Because SSL is built into all major browsers and Web servers, simply installing a digital certificate, or Server ID, enables SSL capabilities.

What are authentication and encryption?

SSL server authentication allows users to confirm a Web server's identity. SSL-enabled client software, such as a Web browser, can automatically check that a server's certificate and public ID are valid and have been issued by a certificate authority (CA) - such as GeoTrust - listed in the client software's list of trusted CAs. SSL server authentication is vital for secure e-commerce transactions in which users, for example, are sending credit card numbers over the Web and first want to verify the receiving server's identity.

An encrypted SSL connection requires all information sent between a client and a server to be encrypted by the sending software and decrypted by the receiving software, protecting private information from interception over the Internet. In addition, all data sent over an encrypted SSL connection is protected with a mechanism for detecting tampering - that is, for automatically determining whether the data has been altered in transit. This means that users can confidently send private data, such as credit card numbers, to a Web site, trusting that SSL keeps it private and confidential.


How do Server IDs work?

1.A customer contacts this site and accesses a secured URL: a page secured by a Server ID (indicated by a URL that begins with "https:" instead of just "http:" or by a message from the browser).

2.Our server responds, automatically sending you, the customer, our site's digital certificate, which authenticates our site.

3.Your  Web browser generates a unique "session key" to encrypt all
communications with our site.

4.Your browser encrypts the session key itself with the site's public key so only the site can read the session key.

5.A secure session is now established. It all takes only seconds and requires no action by you, the user. Depending on the browser, you may see a key icon becoming whole or a padlock closing, indicating that the session is secure.

NOTE: Our site goes into the secure mode only beyond the shopping cart area, where your information is imputed.

This site utilizes a 128-bit SSL (GeoTrust) ID. What is the difference between a 40-bit SSL (Secure Server) ID and a 128-bit SSL (Global Server) ID?  The primary difference between the two types of Server IDs is the strength of the SSL session that each enable. Currently SSL comes in two commercially available strengths, 40-bit and 128-bit, which refer to the length of the "session key" generated by every encrypted transaction. The longer the key, the more difficult it is to break the encryption code. 128-bit SSL encryption is the world's strongest: according to RSA Labs, it would take a trillion-trillion years to crack using today's technology.

128-bit SSL Certificates are virtually unforgeable: the cryptographic keys contained within them are almost unbreakable. GeoTrust sells Server IDs only to legitimate businesses that are capable of authenticating their identity to GeoTrust and that meet the necessary U.S. government qualifications. GeoTrust's thorough authentication procedures help to ensure that 128-bit Global Server IDs cannot be obtained under false pretenses. And GeoTrust's lifecycle services for monitoring the status of SSL Certificates help you ensure that you keep your SSL Certificate - and your site's security - up to date.

Microsoft and Netscape offer two versions of their Web browsers, export and domestic, that enable different levels of encryption depending on the type of Server ID with which the browser is communicating.