King Cake Security
This Web site takes every precaution to protect our users’ information. When users submit sensitive information via the Web site, their information is protected both online and off-line. When our registration/order form asks users to enter sensitive information such as their credit card number, that information is encrypted and is protected with the best encryption software in the industry known as SSL or Secure Socket Layer.
After CHECK OUT customers are connected to a secure server for their name, mailing address, contact information, and credit card number. The secure server guards against information being stolen or altered as it travels over the internet by encrypting personal information or converting it into unintelligible data. SSL encrypts the data before transmission over the Internet-128 bit encryption. Data translated into a secret code that can only be deciphered by a secret key that is given to the intended recipient. It uses Public/Private Key Encryption. The public key is for senders and the private key is for recipients. It is virtually impossible for unauthorized holders of the public key to deduce the private key. It is estimated that it would take someone a trillion years to break the strongest encryption forms such as SSL because it uses 128-bit encryption. That’s how hard the technology is to penetrate. Consumers are at more risk giving their credit card numbers to a waiter in a restaurant or to a gas station employee than they are giving their credit card numbers to an online merchant.
In fact, despite the impression the news media may have given, there has not been a single documented case of fraud involving the interception of a credit card number transmitted via a secure server over the Internet to date!
*Important* Email is NOT a secure means to send information as it is not encrypted. We strongly encourage you to use our secure ordering process when shopping.
Keep in mind that Visa, and MasterCard have a zero liability policy for their credit card holders for purchases make online. This means that customers are never responsible for unauthorized transactions on their credit cards.
What is Secure Socket Layer?
Secure Socket Layer is a security protocol that was first introduced by Netscape in the early '90s. SSL will allow users to send and receive information to companies on the World Wide Web in an encrypted manner. This means that any information such as, text, pictures, forms that are transmitted through the Web browsers will be completely encrypted. When information has to get from one point to another, it travels throughout several computers. The data that is sent through the Internet may travel across 25 or 35 networks. When this data is in transit, any one of these computer systems represents an intermediary with the potential to access the flow of information between the user's computer and a trusted server. The Internet does not provide built-in security. However, SSL will encrypt the data in a manner that will prohibit interlopers from reading data that the user is sending or receiving. SSL provides privacy, authentication and message integrity.
How Does Secure Socket Layer Work?
Upon the initial connection, SSL does a security handshake, which is used to start the TCP/IP connection. SSL uses encryption and authentication technology developed by RSA. RSA is a public key cryptography for both encryption and authentication. RSA is part of many official standards worldwide. Data that is encrypted with the public key, can only be decrypted with a private key, and vice versa. Authentication is the process of verifying that the user is actually who he or she claims to be.
During a secure transmission, the client and the server use what are called keys. As mentioned earlier, there are two keys, a public key and a private key. The public key is available to everyone, however, the private key is only available to the user. For example, suppose John wanted to send Mary a message. John can use Mary's public key to encrypt the message and then send it to her. Once Mary receives the message, she can decrypt it by using her private key. Mary can be assured that she was the only one to read the message, because only her private key can decrypt the data that was encrypted using the public key.
In order to make the message even harder to decrypt, a technique knows as digital signature is used. A digital signature is a code that can be attached to the message that is being sent, that uniquely identifies the sender. The purpose of the digital signature is to guarantee that the user sending the message is actually who he or she claims to be. However, there is still a problem with this. By having only a public-private key and a digital signature, any user can still fake who he or she is. To solve this problem, another attachment is made to the message. A digital certificate performs connection verifications between server's public key and server's identification. These certificates are issued by third parties called Certificate Authorities (CAs). A Certification Authority is a trusted authority responsible for issuing certificates used to identify a community of individuals, systems or other entities which make use of a computer network.
A user that wishes to send an encrypted message applies for a digital certificate through a CA. The CA issues an encrypted digital certificate containing the user's public key and a variety of other identification information that was mentioned above. The CA uses its private key to encrypt the digital signature, so it cannot be forged.
By using the methods of encryption described so far, no hacker will be able to read messages that do not belong to them. However, there is still a chance that the hacker that stands between two users can damage the messages that are sent, although he cannot read them. The hacker can just replace the message with garbled information. The reason is because he knows what protocol the users are utilizing. In order to prevent this, a new technique has been introduced called Message Authentication Code (MAC), which can be used in the protocol. A MAC uses an algorithm that computes a secret piece of data that is then added to the message. The values of a MAC can be 40 or 128 bits, which would make it impossible to try to figure out what the right MAC is. The odds of guessing are 2 to the power of 128.
There are two ways to find out whether a document comes from a secure server. One way is to look at the URL. If the URL begins with https:// as opposed to http://, then the document comes from a secure server. Another way to verify the security of a document in a Netscape browser, is by looking at the golden key in the lower left corner of the screen. If the key displayed is broken with a gray background, that means that the document is insecure. However, if the key is not broken and a blue background is displayed, then the document comes from a secure server.