How Internet Explorer Helps Keep Your Data Safe

Whether you're shopping, banking, or accessing your medical records online, how do you know someone can't monitor or intercept this confidential personal information? Internet Explorer helps protect your data by supporting standard security protocols (including Secure Socket Layer (SSL), digital certificates, and 128-bit encryption) which help manage the security of your information as it traverses the Internet.



How You Know a Site is Security Enhanced

When you get ready to enter personal information, Internet Explorer has several ways to show you that you're communicating with a site which supports security protocols.

1.

When you're about to enter a security-enhanced site, you may get the alert shown below. (If you don't see this message, it may have been turned off.) A similar alert pops up when you leave the site, too.

Security Alert dialog box
To turn off this warning, click to check In the future, do not show this warning before you click OK


Tip: If the Security Alert is not showing up, you can turn it back on. On the Internet Explorer Tools menu, choose Options. On the Advanced Tab, scroll to the very bottom of the list. Under Security options (you'll see the familiar padlock), click to check Warn if changing between secure and not secure mode, and then click OK. From then on, you'll see an alert every time you enter (or leave) a secure site.

2.

Once you get to the site, the Web address begins with https: ("s" for secure), and the locked padlock at the bottom of the window confirms the site's increased security. You can rest your mouse pointer on the lock to see the level of encryption.

Secure site lock icon

How Security-Enhanced Transactions Work

Internet Explorer 6 supports the set of rules and standards known as security protocols that enable computers to exchange information in a security-enhanced environment.

For example, when you visit your bank's website, and you submit your personal data, the bank's server automatically sends its digital certificate. This is essentially an electronic ID card that proves the bank's identity to Internet Explorer (your browser), and verifies that it was issued by a certificate authority that your browser trusts. This certificate is issued to the bank by a trusted third party called a certificate authority. In addition to proving the bank's identity, the certificate provides a cryptographic "key" that is used to encode and decode your communication with the bank. Once your browser approves the certificate, the secure server encrypts any information before it travels across the Internet.

Decoding Encryption

The information you send to a security-enhanced site is protected using encryption, a method of scrambling data that helps to prevent unauthorized users from reading or tampering with it.

When your computer and the site—say, your bank—are about to exchange encrypted data, a connection called a handshake is established between the two. The bank's server transmits the bank's key to your machine. Your computer then encrypts a unique key for that session, and for the rest of the transaction, your personal information is encrypted and authenticated using keys derived from this exchange. So if someone captures your information, it will appear as garbled text without the secret key. Once your data has been transmitted, it is decoded back into its original form, using a similar key.

And as complicated as this is, Internet Explorer 6 takes care of it for you in a split second.

The More Bits, the Better

The number of bits supported by your browser translates to how long and complicated (and thus hard-to-crack) the key code used to encrypt your data is. (A bit is the smallest unit of data in a computer.) Internet Explorer 6 (and version 5.5) supports 128-bit encryption, which is among the strongest encryption available.

Tip: Don't confuse 128-bit encryption with a 64-bit processor which refers to the number of bits that a computer can process at a time


Powered by
Powered by NetChain Communications, Inc.