Security Policy

Secure Encrypted Storefront

CyberTradingUniversity.com offers a secure shopping experience. All personal data transactions on our website are transmitted with 256-bit SSL/TLS encryption.

SSL/TLS encryption is defined as follows. The TLS protocol allows client/server applications to communicate across a network in a way designed to prevent eavesdropping, tampering, and message forgery. TLS provides endpoint authentication and communications confidentiality over the Internet using cryptography.

In typical end-user/browser usage, TLS authentication is unilateral: only the server is authenticated (the client knows the server's identity), but not vice versa (the client remains unauthenticated or anonymous). More strictly speaking, server authentication means different things to the browser (software) and to the end-user (human). At the browser level, it only means that the browser has validated the server's certificate, i.e. checked the digital signatures of the server certificate's issuing CA chain (the chain of Certification Authorities that guarantee bindings of identification information to public keys; see public key infrastructure (PKI)). Once the certificate is validated, the browser is justified in displaying a security icon (such as a "closed padlock").

But mere validation does NOT "identify" the server to the end-user. For true identification, it is incumbent on the end-user to do one of the following: encrypt something using the public key contained in the certificate and confirm that the server can understand it, or be diligent in scrutinizing the identification information contained in the server's certificate (and indeed its whole issuing CA chain). These are the only two ways for the end-user to know the "identity" of the server. In particular, the "locked padlock" icon has no relationship to the URL, DNS name or IP address of the server; thinking otherwise is a common misconception. Such a binding can only be securely established if the URL, name or address is specified in the server's certificate itself.

Malicious websites can't use the valid certificate of another website because they have no means to encrypt the transmission such that it can be decrypted with the valid certificate. Since only a trusted CA can embed a URL in the certificate, this ensures that checking the apparent URL against the URL specified in the certificate is a valid way of identifying the true site. Misunderstanding this subtlety makes it very difficult for end-users to properly assess the security of web browsing (though this is not a shortcoming of the TLS protocol itself; it is a shortcoming of PKI).

TLS also supports the more secure bilateral connection mode (typically used in enterprise applications), in which both ends of the "conversation" can be assured with whom they are communicating (provided they diligently scrutinize the identity information in the other party's certificate). This is known as mutual authentication. Mutual authentication requires that the TLS client side also hold a certificate (which is not usually the case in the end-user/browser scenario), unless TLS-PSK, the Secure Remote Password (SRP) protocol, or some other protocol is used that can provide strong mutual authentication in the absence of certificates.

User Responsibilities

We cannot make any guarantees regarding username and password security. Users are responsible for creating difficult and unique usernames and passwords to access CyberTradingUniversity.com to prevent malicious attacks or data insecurity.
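To illustrate the TLS description above, the following added example (not part of the original policy and not this site's code) checks the host in a URL against the DNS names inside a certificate, the comparison the text calls the valid way of identifying the true site. The certificate dictionary and host names are constructed placeholders in the layout Python's ssl.SSLSocket.getpeercert() returns, and the function names are hypothetical.

```python
# Added example: compare the host in a URL with the DNS names in a certificate.
# SAMPLE_CERT is constructed sample data in the layout returned by
# ssl.SSLSocket.getpeercert(); all host names are placeholders.
from urllib.parse import urlsplit


def _name_match(pattern: str, host: str) -> bool:
    """Match one certificate DNS name against a host name, label by label."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False  # a wildcard stands for exactly one label, never several
    if p_labels[1:] != h_labels[1:]:
        return False
    first = p_labels[0]
    if first == "*":
        # wildcard accepted only as the whole left-most label, not for "*.com"
        return len(p_labels) >= 3 and h_labels[0] != ""
    return "*" not in first and first == h_labels[0]


def cert_names(cert: dict) -> list:
    """DNS names the certificate vouches for (its subjectAltName entries)."""
    return [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]


def url_matches_cert(url: str, cert: dict) -> bool:
    """True only if the URL's host is one of the names inside the certificate."""
    host = urlsplit(url).hostname
    if not host:
        return False
    return any(_name_match(name, host) for name in cert_names(cert))


# Constructed sample: a certificate naming one shop host and one wildcard.
SAMPLE_CERT = {
    "subject": ((("commonName", "shop.example.com"),),),
    "subjectAltName": (("DNS", "shop.example.com"), ("DNS", "*.cdn.example.com")),
}

if __name__ == "__main__":
    for url in ("https://shop.example.com/cart",
                "https://img.cdn.example.com/a.png",
                "https://shop.example.com.lookalike.example/login"):
        print(url, url_matches_cert(url, SAMPLE_CERT))
```

The third URL begins with the shop's name but belongs to a different domain, so the names in the certificate do not cover it.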
Call Us Today
Toll-Free: 877-70-CYBER

Mailing Address
Cyber Trading University
6800 Jericho Turnpike


