COSS realizes the important nature of data collected by our customers and partners. For that reason we have developed various methods of data security. The following summarizes many of the security mechanisms used in the system:

Authentication: Authentication is a way to validate user credentials against a back-end database over a secure line. This is similar to logging into a brokerage account. The COSS Internet system employs an authentication database. Authentication consists of UserID and Password. All user passwords are encrypted on the server and stored in the database.

Secure Socket Layer (SSL): SSL is the encryption standard for sending encrypted data between a Web browser and a Web server. SSL is widely accepted and used throughout the Internet for transferring data such as credit card numbers or other sensitive information.

Authentication Database: This database contains credential information such as UserID and password for all users of the system.

Two factors authentication - Security Server (optional): To better protect the data in the system, a COSS customer may deploy within the COSS Internet system a third-party security server such as the RSA/ACE server. This gives you two factors of system security. The first security factor is the "something you know" factor; these are user logon ID and password. The second factor is the "something you have" factor. The second security factor requires hardware tokens (keys) or smart cards in order to access the system.