Realty Nuance

powered by Realty Nuance

Real Estate Dashboard® and security

Overview

Real Estate Dashboard® allows users to collect electronic signatures in a manner that provides a superior level of security and a significant reduction in risk compared to the traditional paper and ink method. Digital document management limits the exposure to fraud, error and loss that have plagued real estate brokers and agents who rely on paper transaction files – and their numerous photocopies – that circulate between parties involved in a transaction via mail, fax, inter-office courier and in the back seats of cars.

Realty Nuance has endeavored to go above and beyond the surface advantages inherent in the medium. This document outlines the specific areas in which security enhancements are especially relevant.

The "biometric signature"

A signature placed on a document in Real Estate Dashboard® is performed in the same way that a signature is collected on paper: a pen is placed to the document and the signer imparts their unique signature. This means of collecting an electronic signature is often referred to as a "biometric" signature because it has measurable properties that can be used to verify a signature.

Once the signature is places on the document, we have ensured that the signature cannot be tampered with or erased.

First, we have eliminated the "eraser" function from the Real Estate Dashboard® screen that displays documents. Any modifications to a document must be handled in the same way one would handle revisions on paper. Changes must be made by crossing out and initialing the corrected writing. Alternatively, the document may be deleted. This is a key differentiator from other means of collecting electronic signatures on a tablet PC (e.g., using Microsoft® Journal) which do allow the user to erase digital ink.

Second, when digital ink is placed on a document in Real Estate Dashboard® it is stored in the application's memory. When a document is saved in Real Estate Dashboard®, either in its proprietary file format (which is discussed below) or when exported or emailed as an Adobe® PDF file, the Real Estate Dashboard® automatically creates a high detail image of the signature or other ink notation. That image is then flattened onto the document in a process call rasterization. Once the ink is rasterized to the document, the ink's source biometric signature cannot be modified. The ink is, in effect, "burned" onto the document.

Our proprietary file format: DSD

The Real Estate Dashboard® utilizes a custom-designed proprietary binary encoding format – the DSD, or "Dashboard Serialized Document". This proprietary file format allows the rasterization process described above to take place, and ensures that documents housed in the Real Estate Dashboard® are stored and transmitted securely.

Specifically, DSD documents stored on a user's local computer are not viewable outside of the Real Estate Dashboard® application itself. So, for example, if a user's computer is compromised, DSD documents would not be viewable as access to the password-protected Real Estate Dashboard® would be required to open any DSD files on the user's hard drive.

The DSD format also ensures the security of files as they are moved between the local application and the online vault. DSD files are transferred to the vault server using web services located at a 128-bit SSL encrypted web address. Each request/response is encrypted in the DSD format which can be read only by the local Real Estate Dashboard® application and our server. Every transaction includes the registration key which is authenticated against the database.

Physical security

All files housed in the online vault are stored in large NAS. The NAS can only be accessed from within our network at our secure collocation facility. Our network is protected by a Cisco firewall.

Our collocation facility in Agoura Hills, California meets or exceeds legal and industry standards for security. Security measures include biometric door locks, alarm system, 24x7 security monitoring, and closed-circuit cameras.

Company backup policy mandates that frequently changing data, such as database devices, are fully backed up nightly and transferred to an off-site location. Static data which does not change frequently is fully backed up weekly and also stored offsite.

Company retains backups for three months. Backups are destroyed after this three month period.