Credit Card Security
Read our Privacy Policy
How We Ensure Your Credit Card Security
We take your security very seriously. We know that your credit card security is our business, and we do everything possible to make your transactions safe.
We validate (but do not charge) your card when you first place your order with us. This helps us process your order more quickly because we can catch typos and you can correct them right away.
We charge your card only when we actually ship your products out to you. All your credit card information is transmitted encrypted, and kept encrypted and password protected. It is not accessible from the Internet or web in any way.
We do not store customer credit card information for longer than 30 days.
Our site uses SSL (Secure Sockets Layer) to ensure that your personal and sensitive data -- credit card number, name, address, and so on -- is transmitted securely, every time. In addition, we use internal security measures to further increase your data security.
When we ask for your credit card number or other personal information we transfer that information from your computer to ours via Secure Sockets Layer (SSL). SSL encrypts your data before it is transmitted. If someone "listens in" on the wire, they'll only get encrypted information.
Yes, even encryption can be broken, but it's not easy. If your browser is older and uses the short or 40-bit key, in theory your key can be broken by a knowledgeable person who has access to networks of workstation-class computers. However, all current versions of common web browsers already include 128-bit encryption automatically, and breaking this encryption would take longer than the age of the universe -- even if you could harness all the computers in the world. That's pretty secure!
The Risks to You
Forget the Internet for a moment. When you give someone your name and credit card over the phone or in person, you run two risks. These risks are:
- The person receiving the card will copy your card number and name and use that information fraudulently.
- Another person will overhear or find your card number and name -- say in a trash can of carbons -- and use it fraudulently.
When you send your credit card over the Internet, you run LESS of a risk than when you read it over the phone to a mail order company, or hand it to a waiter in a restaurant. Why? Because we don't use carbons. We don't write your information down. We don't repeat your number aloud in a room full of telemarketers. You enter your data and it goes directly into our system, where it is stored encrypted and password-protected.
Buying from our site with a credit card is safer than paying for dinner out.
What if Someone DOES Get Your Name and Card Number?
In most cases, your credit card company won't charge you for a charge you didn't make. In most places, by law, you cannot be liable for more than $50 on any charge made fraudulently on your card, as long as you notify your credit card company in a timely fashion. So, in fact, you're probably already protected. While most places give legal protection to credit cards, debit cards are often covered by different laws. If you are using a debit card you should check your local consumer protection laws.
About Encryption
The best encryption available requires that your browser use a 128-bit key or better. If you're interested in finding out more about encryption issues and the politics of encryption, take a look at the Electronic Privacy Information Center.
