










 
            "CEO"      CUSTOMER ENCRYPTED ORDERS      "CEO"








             Designed & Written By: ROBERT F. KEBER JR.

              Produced By: TypeRight SOFTWARE COMPANY






        WEBSITE:  http://members.aol.com/TypeRight/webpage.html


















              ??? WHY DID WE WRITE THIS AS A DOS PROGRAM ???
          
           <<< BECAUSE DOS PROGRAMS WILL RUN ALMOST ANYWHERE >>>

           DOS?..YES!    WINDOWS 3.1?..YES!    WINDOWS-95?..YES!
       WINDOWS-97?...YES!     WINDOWS-NT?...YES!     MACINTOSH?..SOME!


           "User Usability"... By A Larger Number Of Customers!


PURPOSE OF PROGRAM: "Customer Encrypted Orders" will be referred to as "CEO" 
in the rest of this text in an effort to make it easier to read.

CEO is a program which provides a protected (encrypted) customer order form 
for the use of both the "Seller" and the "Buyer" of products and services via 
the Internet.

The Buyer's ordering data (quantities, items, prices, address, phone, email, 
credit card information, and so on), is placed into a very small, encrypted, 
data file.

That file is then "Attached" to a message and emailed by the customer back to 
the Seller.

When the Seller receives the file, they run CEO and use their Main Menu 
Selection, "UnScramble Customer Data".

Two screens full of customer data will then appear, in normal "UnScrambled" 
English text. Each of those two screens can be printed, and together they 
form a full, one page, customer order form.

The program package consists of two main executable files, "SELLER.EXE" and 
"BUYER.EXE".

                             GETTING STARTED

Naturally, the "Seller" would use the SELLER.EXE file. When run, the program 
gives the selling company (or individual) several options for doing different 
things, each listed in a "Main Menu" screen.

The first thing which should be done, is for the Seller to enter all the 
information about their own company or operation. Things like your company 
name, mailing address, telephone, email address, and your encryption 
password.

Your encryption password is used to Scramble (and UnScramble) all of your 
customer's data, and it makes the encrypted files created with BUYER.EXE 
totally unique to just your customers.

Even if someone else obtains another copy of this CEO program, and then tries 
to read one of your customer's data files, they should not be able to 
unscramble your customer's data without your unique password.

Actually... there is almost no such thing as having an encrypted, coded, or 
scrambled computer file which is 100% safe and secure from some very 
determined, unscrupulous, and well prepared individuals. Even large banking 
firms (and even governments) can never feel completely secure.

But these kinds of people are NOT your average internet "hacker". Most are 
professionals, and they wouldn't waste their time trying to break into one of 
your scrambled customer files to be able to read the credit card data.

Especially when there is so much of the same kind of "unscrambled" data  just 
floating through the internet (neatly typed inside of many emailed messages) 
and falling right into their hands without any hassle, work, or wasted time. 
The process of collecting credit card information is so easy that the whole 
process can be automated and run 24 hours a day without any human 
intervention. That's why there's a big need for programs like CEO, which 
hides emailed credit card information from those kind of crooks.

The methods we used to encrypt the CEO files are multi faceted, and we don't 
want to say too much about how we do it. Even very general hints in that 
regard can place potential code breakers a long way down the road toward 
success.

Let's just say that our encryption is not a one step process, and several 
different steps of encryption are involved with the data before the final 
output file is ever created. So it's pretty tough for it's intended use.


                     SELECTING AN ENCRYPTION PASSWORD

The CEO program won't accept a short password. The minimum length is 35 
characters, with the maximum being 50 characters.

But that's NOT a problem, as this is a different kind of password from one 
you might use for your email or screen saver.

You only have to enter THIS password ONE TIME! And then you never have to 
enter it again.

Avoid well known phrases like "Mary Had A Little Lamb". They are too easy to 
figure out. Don't use your name, address or phone either. One of the better 
passwords would be a long series of nonsense, Upper & Lower case, letters and 
numbers, with some punctuation characters, and some random, single, blank 
spaces, without any repeating patterns in it.

Once entered, all of the seller's data is saved in a disk file named 
SELLER.KEY. Copy SELLER.KEY to a floppy disk as a backup in case someone 
accidentally changes your password sometime down the road.

To restore the backup, just copy SELLER.KEY from the floppy disk, back to 
your CEO hard drive folder. When CEO is run, the first thing it does is read 
the data in the SELLER.KEY file, which will then restore all of the seller's 
original data.

But.., once you begin using CEO for real, and have released your "patched 
copies" of BUYER.EXE to the public, you BETTER NOT change your Password even 
a little. Because, if you do, you will no longer be able to read the customer 
order files emailed back to you, and which were created using your ORIGINAL 
password.

You may change any of your other data (address, phone, products, prices, 
etc.), but NOT your password.

When SELLER.EXE "Patches" BUYER.EXE, it transfers all of your company's data 
from SELLER.EXE into the BUYER.EXE file.

You then release multiple copies of your patched BUYER.EXE file to the public 
either through direct email to your customers, or as a "CLICK HERE TO ORDER" 
download link from your website.

NOTE: Please don't upload BUYER.EXE to your local BBS. The file is only 
intended for people who already know about you and your products (from a 
webpage, telephone call, or other advertising). It is NOT INTENDED for BBS 
distribution.

As soon as several copies have been distributed to other parties, by whatever 
means, don't ever change your password again, or you will find yourself "on 
the outside... looking in", along with everyone else.

Not even "we" can help you at that point, because there is no "Pass Key" 
password.

If you can't remember your original password, and you never made a backup of 
the SELLER.KEY file, then your only recourse would be to email the customer a 
brand new version of your patched BUYER.EXE file, and ask them to fill out 
the order again (...not very "cool").

But that's one advantage of using email... you will always have the 
customer's return email address to fall back on.

Another hint: We find it's a good practice to verify the customer's name, 
address and telephone BEFORE processing the order. This can be done using any 
of several methods:

	- Call the customer directly, and read their information back to them. 
This is really the fastest and best method, especially if there are 
additional charges for sales tax or shipping and handling. Do not ask them to 
give their information to you again, as this is exactly what many crooks will 
do. Many smart people won't give out this kind of information to anyone who 
places a call "TO" them.

	- Use return email for sending the customer an invoice showing their 
name, address and telephone, and the total charges for this order... but NOT 
the credit card data. If you're going to do that... why even bother to use 
CEO at all? Include a note for them to contact you if there are any mistakes.

	- Call long distance telephone information.

	- Use one of the internet "Search Engines" for "Finding People" or 
"Phone Numbers".


This practice will help to weed out practical jokers from real customers, and 
is also the "last chance" to catch any data entry errors by the customers.



                  LISTING THE SELLER's PRODUCTS AND PRICES

SELLER.EXE has another feature where the seller can list from one to eight 
different products and their retail prices.

This was originally intended for items which might have attachments or 
optional equipment which the customer may want to purchase all at once.

An example might be: 

	Item1: LASER PRINTER
	Item2: Toner Cartridge
	Item3: Extra Font Cartridge
	Item4: Extra Ram Memory
	Item5: 25' Printer Cable

...and so on.

But if you wish to use this feature for selling more than one unrelated sales 
item... it's up to you.

The same sales item information will also appear in BUYER.EXE, and the only 
thing a customer has to do is enter "How Many" of each item they wish to 
purchase.

As they do, a running total for total amount of the sale is also shown on 
screen (1,000,000.00 program limit, in dollars, pesos, marks, pounds, etc.).

If you wish to only use this feature for just ONE item alone, then just enter 
what you want, and leave the remaining fields blank.

NOTE: To move from field to field in BOTH BUYER.EXE and SELLER.EXE: Press the 
"ENTER" key to move forward, and use your "UP-ARROW" key to move backward.


                            USING BUYER.EXE

When the customer downloads and runs BUYER.EXE, the first thing they see is 
what we call the "Opening Screen".

It contains the program's name, version number, and "OUR" company name, 
addresses, telephone, and so on.

It also shows "If" the current program is registered, and "Who" to, and the 
serial number of the program.

The "Opening & Closing Screens" pretty much belong to TypeRight SOFTWARE, and 
everything else inside of BUYER.EXE is for the seller's use.

The second screen is an explanation of the purpose of the program, and also 
includes a "Use at your own risk" Disclaimer. The disclaimer is a legal 
method of eliminating responsibility from the program's maker, the program's 
distributors, or the program's registered user, for any losses which the 
customer might encounter as a result of the use of CEO.

We've done all we can think of to make CEO a strong and easy to use program.

But it will be used almost exclusively on the internet, which is a kind of 
frontier. It can have some pretty shady characters lurking in the shadows. No 
one is in charge, there are no official police, no one is there to enforce 
the rules, or observe illegal things, or even keep score. There is no one to 
go to when you have a problem. It can be a very dangerous place for anyone to 
play around in.

We feel that to release CEO into such an environment, without any "recall" 
ability, and without knowing "who" a large number of our users are (which is 
the nature of Shareware distribution)...  to do this without a disclaimer and 
warning to the users, would be foolish on all of our parts.

The next two screens contain fields into which the customer will enter their 
name, address, phone, credit card information and items ordered.

After the customer has entered all of their data, and has double checked 
everything for correctness, the BUYER.EXE program will automatically create a 
very small (less than 2k) encrypted file with a default file name of 
"ORDER.CEO".

At the same time, another disk file named BUYER.KEY is also created or 
updated, which also contains all of the customer's input data.

Registered users of "CEO" have the option to rename the automatically 
created, encrypted file, ORDER.CEO to any standard (8.3) DOS file name they 
wish to use. unregistered users are stuck with using ORDER.CEO.

If, after exiting CEO, the customer discovers that they made a mistake, they 
only need to run CEO again. All of their old entries will be automatically 
filled in from the file BUYER.KEY, and they will NOT have to re-enter ALL of 
their data over again. They then only have to change whatever they need to 
"fix" the problem. The ORDER.CEO and BUYER.KEY files will be updated with the 
newest entries upon their newest exit from CEO.

ORDER.CEO is encrypted, and will contain The date of the order (dates good 
from 1950 through 2099), ALL of the customer's entered data, and exactly what 
item(s), and how many, were ordered. It will NOT contain the seller's data, 
or the encryption password. This will make breaking the code even more 
difficult for any "interceptors".

Just before their exit from CEO, the customer receives a printable, on-
screen, set of instructions to email the ORDER.CEO file back to the seller at 
an on-screen email address provided by the seller.

When the seller receives the emailed file, they just copy it to the CEO 
folder, and then run SELLER.EXE, using the "UNSCRAMBLE CUSTOMER DATA" menu 
selection.

Two full screens of the customer's data will appear, one right after the 
other, in UnScrambled English. By pressing your F5 key while on each of these 
two screens, a full page customer's order form will be printed for order 
processing.

