How does eLicensing protect confidential information?

Ecommerce security issues are frequently publicized and are certainly important. Customers are understandably concerned that online transactions are both safe and honored and they worry about their social security number and credit card details being misappropriated. However rare, these things do happen. DRE believes that the eLicensing system addresses ecommerce security issues in that it meets the following four requirements:

• privacy: information must be kept from unauthorized parties.
• integrity: messages must not be altered or tampered with.
• authentication: senders and recipients must prove their identities to each other.
• non-repudiation: proof is needed that the message was indeed received.

Privacy is handled by encryption. This level of encryption helps to ensure that information is secure when the data is transmitted. All eLicensing transactions are protected using Secure Socket Layer (SSL) technology with 128-bit encryption. SSL encrypts user's personal information before it leaves his/her computer, ensuring that it cannot be read by unauthorized persons. The use of 128-bit encryption is the standard for protecting financial and personal information on the web. Digital signatures meet the need for authentication and integrity. Credit card details can be safely sent with SSL, but once stored on a server they can become vulnerable to unauthorized access. For this reason, DRE does not store any credit card information on file and only retains the authorization information rovided by the secured payment processing center.

The Department of Real Estate has put in place physical, electronic, and procedural safeguards to protect the eLicensing users' personal information. Furthermore DRE has successfully undergone routine audit and independent reviews of its security infrastructure.