Important Points

Components of your web page, which we provide, will strongly encrypt your client's order form instead of the web browser.

SecureCottage will email this encrypted order form to you.

Your RSA private decrypting key is securely held in the filesystem of your computer. Browser persistant storage, available in Internet Explorer and Firefox II, makes this possible.

You decrypt your emailed order with our decrypting web page on the privacy of your own computer.

Only you can decrypt your order on your computer.

A Description of the SecureCottage Ecommerce System

Most Ecommerce schemes have an order and checkout system where each order initiates a CGI/PHP script that updates a database. Finally when checkout happens, these database entries are turned into an invoice. The invoice proceeds to a secure web (HTTPS) credit card entry page. From there an invoice print page is returned.

In the SecureCottage Ecommerce method, components of your web ordering page, which you obtain from SecureCottage, encrypt your client's order form with 1280 bit RSA encryption at the client's workstation (ie., the web page encrypts, not the browser as in HTTPS). This encrypted order is then emailed to you. You then use SecureCottage web pages, to decrypt this order on the privacy of your own computer.

SecureCottage supplies you with the ability to generate public and private RSA keys for each email address on which you wish to do Ecommerce. Your public keys are published with SecureCottage, and your private RSA keys are held in the privacy of your own computer.

Actually, a two step process is used. Your order form is encrypted on the client's ordering computer, and sent to a generic SecureCottage credit card page. This HTTPS (secure web) page encrypts your client's credit card details and emails both your client's encrypted order and credit card details to you.

The generic credit card page is necessary since no knowledgable web person would enter credit card details into a non secure web (HTTP) page. Since your web pages will not be on HTTPS, the generic web page is needed. It will contain the secure lock image everyone looks for before they enter their credit card details.

In the Paypal option your client's encrypted order is emailed to you, and then a detour is made to the Paypal credit card processing pages. The SecureCottage credit card entry page is not used.

SecureCottage uses the safety and security of the RSA computer cipher. This is the same cipher used by Internet Explorer and Netscape to encrypt communications on the Secure Web (HTTPS) System. RSA is based upon the difficulty of factoring large numbers and performing discrete logarithms of large numbers. For hundreds of years the best mathematicians in the world have pondered for easy ways to perform these mathematical tasks without success.

1280 bit RSA keys are used, the same length as Internet Explorer and Netscape use.

The SecureCottage Ecommerce System allows you to have a web presence where you can sell your goods and wares, without need of server databases and your own HTTPS secure web pages.

The system is perfect for small businesses who can already take credit card purchases, but who do not wish to outlay on an expensive web site for their goods.

The Paypal option is also available. The Paypal option allows an interface with the merchant facilities of Paypal. Using this option, you do not have to be able to process credit cards. Paypal will do this for you in real time. Consult here to find out more.