Security

There are three parts to the security question when entering your private information into a webpage:

Who am I really dealing with?
What happens to my data as it travels over the internet?
What happens to my data when it reaches its destination?

SSL

The National Eczema Society uses Secure Sockets Layer (SSL) technology to address the first two issues above.
The Secure Sockets Layer protocol, originally developed by Netscape, has become the universal standard on the Web for authenticating Web sites to Web browser users, and for encrypting communications between browser users and Web servers.

What are authentication and encryption?

SSL server authentication allows users to confirm a Web server's identity. SSL-enabled client software, such as a Web browser, can automatically check that a server's certificate and public ID are valid and have been issued by a certificate authority (CA) - such as Thawte or VeriSign - listed in the client software's list of trusted CAs. SSL server authentication is vital for secure e-commerce transactions where you are sending credit card numbers over the Web and first want to verify the receiving server's identity.
An encrypted SSL connection requires all information sent between a client and a server to be encrypted by the sending software and decrypted by the receiving software, protecting private information from interception over the Internet. In addition, all data sent over an encrypted SSL connection is protected with a mechanism for detecting tampering - that is, for automatically determining whether the data has been altered in transit. This means that users can confidently send private data, such as credit card numbers, to a Web site, trusting that SSL keeps it private and confidential.

Authentication and encryption then are the answers to questions one and two above.

Authentication means that you can be sure you are dealing with the National Eczema Society and not some fake site masquerading as us.
Encryption means that your data is secure as it travels over the internet to reach our servers.

Your browser will tell you that SSL is in use in two ways:

The location/URL will begin with https instead of http. The s denotes that SSL is in use.
The padlock symbol will change to show this is a secure connection. The change depends on which browser you have. On some browsers it becomes illuminated, on others it switches from an open padlock to a closed one.

Our Servers and Security

As we have seen the National Eczema Society servers use SSL to make sure data arrives safely. But what happens to it then?

The Aktivate software that we use for our e-commerce transactions does two things to the data:

It encrypts the data using its own algorithms.
It then uses its database's encryption routines to further encode your confidential information.

The result is that the data held in the database is scrambled beyond recognition because of this "Double Encryption" process. Only Aktivate can make sense of the data, this means that if malicious attacks are made against our servers the attackers will only get their hands on unintelligible data and not your private information.

Go Back to the previous page.