Information on the subject of security on the internet
The internet is progressively evolving into an integral part of our daily lives. It offers a series of amenities and beneficial opportunities. At the same time, however, its use also entails a series of security risks, which have to be countered by appropriate measures.
Security of the online portals
We attach particular importance to the security of your data. This is why the online por-tals of Der Grüne Punkt – Duales System Deutschland GmbH are based on a sophisti-cated, state-of-the-art security system. Thanks to continuous monitoring and updates, we offer you maximized security on these platforms.
Security at the internet-PC
For the security of our online portals, it is not only the multiplicity of safety precautions we have incorporated that are of major importance, it’s also the security of the PCs con-nected up to the internet.
Possible attackers are with increasing frequency exploiting not only the weak points of systems and applications, but also selectively target certain behavioral patterns of the users. Sensitive deployment of the technical options available, however, will enable most of the attacks to be successfully repulsed.
The following points are of major importance:
- Security at the internet PC
- Verifying the authenticity of the online portal concerned
- Checking the internet address (URL) of the online portal
- Certificate check
- Verification of the SSL server certificate
- General rules of conduct
To assure the security of your PC, make sure you comply with the following advice:
- Use and install only software from trustworthy sources.
- Always think whether you really need a particular software package, and whether you trust the producer and downloading source involved.
- As a general principle, you should never open, download or execute any files from unknown servers or email attachments of unknown origin. If this should nonethe-less prove necessary, we recommend you to at least check the files using an up-dated virus scanner.
Protection against viruses, worms and Trojan Horses
Once they have taken root in your system, viruses, worms or Trojan Horses have far-reaching opportunities there. As soon as malware of this kind has installed itself in your systems, protection of your data and the correct functioning of operating system and applications can fundamentally no longer be guaranteed.
In order to achieve an optimum defense against malware, it is necessary or expedient to install an up-to-date virus scanner and a personal firewall. Regular updates are also es-sential if these components are to remain effective.
Security updates for operating system and browser
Attackers and malware will sometimes exploit security gaps in the operating system and programs like the browser in order to sneak unnoticed into your PC. In order to minimize the attack potential through open weak points, updates for operating systems, browsers and safety components (such as a firewall or a virus scanner) should be installed imme-diately. Most programs offer automatic updating functions for this purpose, which at regular intervals look for updates on the producers’ websites, and install them as appro-priate.
Checking the authenticity of the online source
Authentication is the evidence provided by a communication partner that he is actually who he is claiming to be. For each of our online services, the authenticity is assured by use of the SSL protocol, where the authenticity of the partner involved is confirmed by a certificate. An initial and simple option for checking, moreover, is to scrutinize the inter-net address (URL) displayed in your browser.
Checking the internet address
As a user, you should always make sure that you know the correct address (URL) for the online portal concerned. At every session, check the URL displayed in the browser. Any unknown address can be classified as untrustworthy. Never enter personal information and/or your access data at unfamiliar addresses.
The online portals should always be called up from our own website. You should never use links to one of our online portals that are provided through websites or emails from other sources.
The addresses of our online services always begin with: https://, which signifies com-munication using the SSL protocol (= encoded communication with authenticity evidence from the source concerned).
SSL certification check
The SSL connection provides you with a guarantee that the communication taking place with our online portal is encoded. SSL certificates generally contain for this purpose the public code of the source concerned, plus particulars for unambiguous identification.
The SSL certificates of our online portals are made out to
“Der Gruene Punkt - Duales System Deutschland GMBH”.
You should never accept a certificate from another source within the framework of log-ging on to one of our online portals. A manual confirmation of the certificate involved is not necessary, since we use certificates from a trustworthy certification body (VeriSign).
Potential attackers will customarily use self-created certificates, whose authenticity can-not be verified beyond a doubt by the browser. They can be accepted only by a manual confirmation by the browser’s user.
So caution is well advised when it comes to confirmation requests for the certificates of the browser.
You can check the certificate of the source involved and particulars of the strength of the encoding for your SSL session by double-clicking on the “padlock” symbol in the browser’s status line.
Certification body
The certification body is an internationally recognized, independent and trustworthy agency that issues certificates. When the certificate is issued, special evidence of authen-ticity is required, so that subsequently the authenticity can be verified using the certifi-cate issued.
We use "VeriSign" as our certification body.
General rules of conduct
Keeping your username and password secret
Your username and your password may be used only on the secure environment of the online portal concerned. This information must never be transmitted by email or ren-dered accessible to third parties by any other means.
Make sure that no one is “looking over your shoulder” when you are entering your user-name and password. Nor should you store these sensitive data on your hard disk. Always deactivate the automatic password storage option of your browser.
Phishing
We will never ask you by email to reveal confidential information. Emails with contents like: “Please check your online service access immediately” will usually indicate an at-tempt to launch what is known as a “phishing” attack. Fraudsters will here be trying to lure users onto their website, so as to collect access information for the online portals. Usually these emails will contain direct links to the alleged online portals. The internet address here will in most cases exhibit only marginal differences from the online portal’s genuine address. So always check for confirmed authenticity of the source concerned, with the aid of the SSL certificate used.
Changing your password
Should you inadvertently have visited a doubtful website and revealed your data, we rec-ommend you to change your password for the online service concerned immediately. In addition, you should change your password for the online service concerned regularly (at least once a quarter).
Automatic termination of your connection
For reasons of security, the connection will be terminated automatically after a specified time if no actions have been performed by the user during this period. Data that have not been saved will be lost. In this case you will have to log on again.
Terminating your connection
Use the "Logout" function to terminate a session. Only when you have called up this function will your connection be properly terminated.