PGP—what is it?
“PGP” stands for “Pretty Good Privacy,” a security program designed to protect E-mail transactions. PGP uses encryption to achieve this. “Encryption” means to change a plain message into a secret code, to “scramble” it so that it cannot be read by any unauthorized persons. Encrypted messages look like a block of alphanumeric gibberish.
PGP enables our customers to E-mail us sensitive information, such as credit-card orders, from their secure servers to our office (outside of their network) without worrying about unauthorized people gaining access to that information. Once we receive the message, PGP enables us to decrypt, or “unscramble,” it. You can place credit-card orders to us with confidence.
Some Questions & Answers
Q: Can you tell me what the difference is between VeriSign, Thawte, and PGP?
A: All three are reliable encryption programs that perform similar functions. The only difference is that VeriSign and Thawte won’t show any E-mail headers (Subject, Date, Received, From, and To), while PGP does show the header, but the rest of the message is scrambled.
Q: Why did your company choose PGP over VeriSign and Thawte?
A: PGP meets our security needs and is most cost-efficient for us. MSM Productions, Ltd., is a small company, and only two people have access to credit-card orders and know the password. If we were a bigger company with a large staff and branches, we’d have to use VeriSign or Thawte. Since these programs are relatively costly, we’d have to pass along some of the additional cost to our customers—to increase the handling charges on your orders. We prefer to avoid this. Using PGP helps us keep our handling charges low.
Q: Am I supposed to see an icon to let me know that my message is safe?
A: VeriSign and Thawte show a small padlock icon at the lefthand corner of the bottom window border. When the padlock is shown locked, the E-mail has been secured. PGP doesn’t use this padlock icon.
Q: When I click the “Submit” box, I get a “Security Notice” warning that says, “You are submitting a form which is not secure. The information you are sending can be read in transit.” Why? Doesn’t PGP protect it?
A: Even if you see this warning, your submission is definitely protected by PGP. As noted above, only the header is readable. The message itself is encrypted and cannot be read in transit. It is secure.
Q: Can I test this?
A: Yes. We want you to feel comfortable sending us credit-card orders. If you’d like to test PGP’s efficiency, you can type a single sentence and E-mail it to yourself to see what an encrypted message looks like. See below.
|
