ammonet Secure data transmission - solutions for encrypted transmssion and storage of messages and credit card data

Encryption, secure data transmission, credit card security, secure messaging

ammonet secure data transmission technology is custom-developed and based on the best encryption methodology available.

Datensicherheit

Kreditkartendaten

E-Mail-Sicherheit

Spam

Secure Data Transmission

So, you've got credit card security under control, hey? How about this one. During 2002, the director of ammonet requested train reservations via the Swiss National Railways secure web site. Being an efficient service, within an hour they sent back an e-mail confirming the reservation. They included the full details of the journey and also the full details of the ammonet credit card - number, expiry date, card holder, the lot. Perhaps you'd better read on . . .

Credit card data

ammonet offers ammonet Secure, a browser-based secure credit card data transmission system FREE to all ammonet hosting customers. This system is ideal for businesses who already have credit card handling facilities and who require an easy-to-use, secure method to receive and store credit card details from their customers. Please note that this is a data transmission and storage system. It does not process or collect funds from credit card transactions.

Click here for details on credit card data transmission

Other security issues

SMTP security

As a security feature to prevent the use of the SMTP of your ammonet Business or Professional Account as a relay station for transmission of Unsolicitied Commercial E-mail (UCE, SPAM) and other unauthorised e-mail, valid users are authenticated by comparison with IP addresses previously recorded by your POP server. If you use a dial-up provider, it is likely that you are assigned a different IP address each time you log on. If you intend to transmit email via your ammonet SMTP, you should therefore check your incoming e-mail at least once each time you connect to your provider. On many e-mail programs, you can enable a feature that automatically checks your incoming e-mail before transmitting outgoing e-mail.

Secure server

ammonet secure data transmission system is sufficient for most secure transmission requirements. However, should you wish to put a highly confidential document on-line, ammonet can provide you with a secure directory on our secure server, without extra charge, for this special application. The secure directory allows you to offer secure information over the SSL (secure socket layer), protecting and encrypting all data transferred between the visitor and the server.

What is SSL (secure socket layer)?

Working with your Secure Server directory

The secure server location is: https://www.ammonet-secure.net Your secure directory will, most likely, be named similarly to your username. We will e-mail to you a login name and password to log into the secure server via FTP so that you can set up your files. You can make sub-directories under your secure directory, as well.

The secure server does have some limitations. The foremost limitation is that you cannot run your CGI scripts on the secure server. This is for security reasons and due to the amount of server load unlimited scripts would inflict on a secure server with several hundred customers on it. We do, however, provide you with an interface to a form mail script (fmail.pl, just like the one in your virtual server) that allows you to use online order forms to process any sensitive information a customer would not normally transmit over an unsecured site (e.g. credit card information). You interface with the fmail.pl in the same way that you do on your normal virtual server, except that in the thankyou reference, you must change the URL to the secure server rather than your normal virtual server. Details are provided with the instructions for the secure server sent to you when you request the secure server activation.

PGP encryption

The issue of security has arisen regarding the transmission of the processed mail form from the secure site to unsecured e-mail (where all forms processed by form mail go). This problem is most easily by-passed using the ammonet secure data transmission system. However, it is also possible to implement PGP security (Pretty Good Privacy) that will encrypt the e-mail as it leaves the secure server to be decrypted upon arrival at its destination by the recipient's PGP. PGP, in itself, is a VERY stable and secure encryption system. ammonet supports RSA encryption. We do not support DSS/Diffie-Hellman encryption keys. When you install PGP, be sure to chose the appropriate version so that you are able to generate RSA keys. Most of the free international versions do this (www.PGPi.com). Some of the latest North American versions offer only DSS/Diffie-Hellman). The MCPS electronic gateway used in our full e-commerce option uses this technology.

•

Enabling PGP encryption for your Secure directory

Zuerst sollten Sie wissen, was PGP ist, wie es läuft und Sie sollten eine funktionsfähige Kopie auf Ihrem Rechner haben. Falls dem nicht so ist, müssen Sie diesen Punkt beachten, bevor Sie auf Ihrem Secure Directory arbeiten. Sie erhalten eine Kopie des entsprechenden PGP Programms von den untenstehenden Links. PGP ist kostenlos zu erhalten oder als kommerzielle Anwendung, sowie für verschiedene OS Oberflächen, wie Mac und Windows, und auch in verschiedenen Sprachen. Wir gehen auf unserem Site nicht sehr ins Detail bezüglich der Anwendung oder der Konfiguration von PGP, da es von System zu System, bzw. von Version zu Version unterschiedlich sein kann. Wenn Sie PGP auf Ihrem Computer anwenden können, sind Sie auch fähig, PGP auf Ihrem Secure Directory auszuführen. Senden Sie uns Ihren öffentlichen PGP Schlüssel für die Ausführung auf Ihrem Secure Directory (wenn Sie nicht wissen, auf was wir uns beziehen, sollten Sie die PGP Dokumentation noch ein paar Mal lesen).

http://web.mit.edu/network/pgp.html - der MIT Vertriebssite für die kostenlose Version von PGP, für die Anwendung innerhalb der USA.

http://www.PGPi.com/ - die internationale PGP Homepage mit Downloads, Faqs, und umfassender Dokumentation.

http://www.pgp.com/ - die Entwickler von PGP, direkte Hilfe, Informationen über die Raffinessen, etc.

http://cryptography.org/getpgp.htm - PGP FAQs.

Erhalten Sie Ihren eigenen Secure-Server

Brauchen Sie einen Secure Server in Ihrem eigenen Domain Namen? Müssen Sie CGI Skripten auf einem Sicherheitssite (z.B. einem Shopping-Cart-System) verwenden? Sie haben die Möglichkeit, Ihren eigenen Secure Server zusammen mit Ihrem virtuellen Server installiert zu bekommen. Natürlich kostet ein eigener Secure Server. Die Setup Gebühren für das Sicherheitszertifikat von Thawte oder Verisign liegen bei $100 bis $300. Die Gebühren für das Setup der Secure Server Software und das Einrichten der Secure Server Schlüssel müssen mit dem Securezertifikat gekoppelt sein. Wenn Sie an einem eigenen Secure Server interessiert sind, kontaktieren Sie uns per E-Mail für weitere Informationen: