Safety and Privacy
PetSmart.com uses version 1.2 of the Transport Layer Security (TLS) industry standard protocol to encrypt online transactions as evidenced by the “s” in https:// and by the closed padlock icon displayed to the the right of the address in Internet Explorer and to the left of the address bar in Firefox and Chrome. TLS provides authentication, confidentiality, and data integrity between two communicating applications and is based on the earlier Secure Socket Layer (SSL) standard as described by Polk, McKay, and Chokhani (2014). A cipher suite specifies the algorithms to use for key exchange and provides the confidentiality and integrity services that combined provide the cryptographic support in TLS. An examination of the security settings of the petsmart.com checkout page in Chrome revealed that the domain was verified by GeoTrust and that the connection was encrypted using the Advanced Encryption Standard (AES) operating in cipher-block chaining mode (CBC) using a 256-bit cipher. Messages were authenticated using a Secure Hash Algorithm (SHA). Ephemeral Elliptic Curve Diffie-Hellman (ECDHE) was used along with the Rivest-Shamir-Adleman (RSA) cryptosystem for the key exchange (Figure 5).