While Bohemia employs strong hashing algorithms for all data (credentials, orders, messages etc) which is stored, it is important that users (if haven’t already) familiarize themselves with the PGP (Pretty Good Privacy) protocol as a means of encrypting sensitive data, which other parties (in the eventuality of a seize) cannot access.

We explicitly recommend that all communication within the Bohemia platform is encrypted through the PGP protocol. When attaching sensitive information to an order for a merchant to see, such as your home address, please encrypt the contents using your PGP tool of choice along with your chosen merchant’s PGP key – for convenience a “Merchant PGP Key” can be clicked in the cart page to quickly show the merchant’s PGP key for purchases on the fly.

PGP can also be used a means of authenticating a deposit address prior to broadcasting any transactions – on the deposit page selecting the “Verify Address” button will reveal an encrypted message containing the address and your username, which can only be decrypted by the key associated to your account. You should verify each, and every address prior to any deposits.

Thanks to the constant innovation of technology, PGP software can be found on any operating system known to man. A list of tools worth mentioning are:

Windows: Gpg4win (https://www.gpg4win[dot]org/)
Linux: GnuPG (https://gnupg[dot]org/)
iOS: PGP Everywhere (https://www.pgpeverywhere[dot]com/)
Android: OpenKeyChain (https://www.openkeychain[dot]org/)

Using any search engine, you can find brief tutorials for each of the above which will guide you through step-by-step to create your own unique PGP key, and then encrypt/decrypt messages.

The administration of Bohemia wishes to emphasize the importance of using PGP encryption to protect yourself (as a buyer or vendor), and to most importantly: never share your private key with anybody. It is 2021, there is no excuse anymore to not use PGP.

– The Bohemia Team

One Response

Leave a Reply

Your email address will not be published. Required fields are marked *