Securing connections through a Secure Socket Layer (SSL) is the industry
standard for providing web security, used primarily for transmitting sensitive
information over the internet. With a secure connection between your browser
and a web site, no one else can easily access the data you send or receive
across the connection. Gemini Fund Services, LLC ("Gemini") uses SSL to encrypt
your log in name, password, and account information to give you a high level of
security for viewing account data.
Note: Your browser might occasionally display a security alert to notify you as
you enter and leave a secure connection. These alerts serve to tell you when
Gemini is taking precaution to keep the information you provide and receive secure
while it travels between your computer and our web server. You may choose not
to have your browser display this notification each time, or you may simply
click "continue" in each case.
Here's how SSL works:
Server certificates take advantage of SSL to work seamlessly between our web
server, and the client's web browser.
First, a browser contacts our site, accessing a secured URL (indicated by a URL
that begins with "https:" instead of just "http:" or by a message from the
browser). The request starts on port 443 rather than port 80. (Port 80 is the
default port for HTTP requests and responses.)
The web server responds, automatically sending the client our site's digital
Verisign © certificate, which authenticates our site. The client web browser
generates a unique "session key" to encrypt all communications with the web
server. The client's browser encrypts the session key itself with the web
server's public key so only our server can read the session key.
A secure session is now established. It all takes only seconds and requires no
action by the client user. Depending on the browser, the client may see a lock
icon in the lower right corner of his or her browser. All programs that run on
our server that communicate confidential information run under this unique
Besides SSL, we embed programmatic security features into our programs. After
logging in, users are assigned to a group. Only certain groups are allowed to
see certain pages. If the user falls out of range for the type of document they
are requesting, the server side program will redirect the user back to the log
A final feature we've included is session expiration after 30 minutes. If a
user becomes distracted or leaves the computer, he or she will not be permitted
to continue without logging back in with feature is after the user logs into
the system, he or she has 30 minutes to finish their browsing on our site
before our session with the browser expires. This is important, because it is
possible for the user to get distracted, and leave his or her computer logged
into our site. This could lead to corporate espionage.