What is SSL and how does it help me?

We use Secure Socket Layer (SSL) technology for mutual authentication, data encryption and data integrity - all to ensure secure transactions for our customers. SSL is the industry standard security protocol to encode sensitive information, such as your credit card number. SSL creates a shared digital key which only lets the sender and the receiver of the transmission scramble or unscramble information. To everyone else, even the servers relaying the message, the SSL transmission is indecipherable.

SSL encryption can only be broken by intercepting the encrypted message, recording it, and using a computer to try every possible combination until the key is cracked. Most keys range from 40 to 1,024 digits long...as you can imagine, the number of possible combinations can be into the billions and beyond, which can put your mind at rest that your details are secure - as it would take thousands of years for the message to be decrypted by brute force.

What is encryption?

Encryption is based on the mathematical scrambling and unscrambling of messages. The type of encryption we use is one of the strongest, public key cryptography, which assigns two keys - one is a public key and one is a private key. When you send us a message, you use our public key to encrypt your message. Once we receive your encrypted message, we use the private key to decode it. The same key cannot both encrypt and decrypt information. So, information encrypted using the private key can only be decrypted using the public key, and vice versa- ensuring the security of your information.

I've heard a lot about Secure Sites. What are they?

Before completing any transaction on a website, you should make sure it is a Secure Site. Being on a Secure Site means you are connected under the cloak of SSL security. You can tell if you are on a Secure Site if you see a padlock or key somewhere along the bottom of your browser's window. If the lock is closed or if the key is unbroken, you are dealing with a Secure Site.  

To see the information on the server 'certificate' for the server that our website is running on, click the padlock when it appears (usually when you are using the checkout facilities). This will display a window similar to the one below:

You can see the date the certificate was issued, and it's date of expiry. Note that the certificate is issued to www.peonybox.com, which is the secure server our website is currently running on. Further details on the certificate can be viewed by clicking the other tabs on the certificate information window.