solutions for   financial institutions | government | legal profession | real estate | healthcare
About Teraview
Getting Started
Quick Tasks
   Purchase Teraview
   Download Software
   Mortgage Schedules
   MLTT
   Reset Pass Phrase
   System Status
Inside Teraview
   Product Overview
   MGS
   Training
   Reference Material
   Rollout Schedule
Customer Service
Contact Us
Securing your Information
Securing Your Information

Understanding how the personal information you provide in the Personal Security Licence Application is used and protected.

Security and Information Privacy

Security Components

Security is a crucial component of Teranet software and web-based applications ("Teranet Authorized Services"). Teranet uses the Portas® service, a Public-Key Infrastructure (PKI), which secures the transaction lifecycle.

The Portas service provides:

Authentication – you are who you say you are.

Authorization – you are allowed to access specific data or functions.

Digital Signatures – you did that transaction (non-repudiation) and the transaction data has not changed (integrity).

Encryption – your data is private and confidential.

Security Management – your security is managed effectively and efficiently.

Certificate Authorities and Third Party Trust

The processes, people and tools used to create and securely manage digital certificates and signatures are called Certificate Authorities or CAs.

A Certificate Authority is premised on the concept of third party trust. That third party is the Certificate Authority (CA). Teranet developed its own CA for Teranet Authorized Services in 1998. In its CA capacity, Teranet certifies digital certificates that verify user authenticity.

Personal Information and Your Security

The processes by which Teranet establishes and maintains the security credentials for Personal Security Licence (PSL) holders are multi-dimensional and for security reasons cannot all be publicly disclosed. One important process we can explain is the collection of an individual's private information. When a new user completes a PSL Application, they are asked to provide personal information such as their driver's licence number and their credit card numbers.

A user's personal information and the validation of that information by a lawyer or the equivalent is part of the identity authentication process. Once a user's identity is validated, they are issued a security code, which enables the user to create their own security profile.

The security profile, which is stored by the user on a storage device (diskette or another type of removable media), not only provides convenient and authorized access to the system, it also contains information unique to each user that is used to prepare documents, sign statements of law if required and electronically register documents. This profile is personal and is not to be disclosed to anyone.

Non-repudiation

User authenticity makes possible signature non-repudiation, meaning that an individual cannot successfully deny involvement in the preparation and digital signing of an electronic document. Just as a person has no grounds to repudiate their hand-written signature on a document, the digital signature and electronic trail produced by use of the security profile does not allow repudiation. That's why it is extremely important that users do not share their security profile or secret pass phrase with another person. To share a security profile or secret pass phrase is the equivalent of allowing another person to forge a hand-written signature.


PRIVACY AND INFORMATION PROTECTION

A user's digital identity and the personal information that supports it are carefully protected. Teranet complies with principles regarding privacy laid out in the Personal Information Protection and Electronic Documents Act. A copy of the Act is available at www.parl.gc.ca. These principles require that user information gathered by Teranet can only be used for the purposes that have been identified.

Teranet's Privacy Statement is provided on the web site at www.teranet.ca. Teranet's Privacy Officer can be contacted at privacyofficer@teranet.ca.

N.B. You are required to read and review the Personal Security Licence Terms and Conditions and the Terms and Conditions with respect to applicable Teranet Authorized Services provided to you as they form the basis for the agreement for that service. This fact sheet is intended as a guide only and does not constitute a summary of these Terms and Conditions.

Access to Teranet Authorized Services and use of a PSL are subject to terms, conditions, availability and pricing all of which can be changed without notice.

Why do you need my personal information?

Personal information is collected for the purpose of issuing you a digital identity and authorizing you as a PSL holder and user of Teranet Authorized Services. The information you provide (your secret pass phrase or your driver's licence number, for example) will be used by authorized staff of Teranet and its affiliates for the purposes of administration of and access to the system, products and services.

How is my personal information used?

In order to prevent fraudulent activity, the information is used to verify your identity and to ensure that the digital identity that you are issued correctly identifies you and no one else. It may be disclosed to government and law enforcement officials as set out in the PSL Terms and Conditions.

The information may also be used to provide Account Holders and/or PSL Holders with information on the systems, products and services of Teranet and its affiliates.

If you do not want to receive this information, call 1-800-208-5263 to have your name removed.

How is my personal information secured?

Access to the information you provide on the application is strictly controlled. The approved paper application is scanned and turned into an image file. These files are stored in a database. All documents in the database are encrypted (encryption scrambles the electronic file to prevent unauthorized access).

After your application for a personal security licence is approved, access to the encrypted scanned file image, containing the information you have provided, is restricted to authorized Customer Service staff solely for the purpose of verifying your identity. Authorized Customer Service staff are the only personnel who have access to these encrypted electronic files containing your application.

Paper files containing personal information are stored in locked cabinets to which access is severely restricted. Access to databases containing user information is equally restricted.

Who determined this level of security and its criteria?

Teranet has developed these policies to comply with the level of assurance required for these transactions, as defined by the Federal Government of Canada and managed by the Teranet Policy Management Authority, the governing body for the Teranet Certificate Authority.

Guidelines for completing the Personal Security Licence Application

  1. Complete the Personal Security Licence Applicant Information (section 1) of the form.
  2. Complete the Validation of Personal Security Licence Applicant's Identity portion (section 2) of the form. In this section you are asked to provide identification information to confirm your identity.

ACCEPTED PRIMARY I.D. (PHOTO I.D. REQUIRED)

Valid Canadian Driver's Licence, Valid Canadian Passport, Valid Canadian Firearms Acquisition Card, or Valid Permanent Resident Card

ACCEPTED SECONDARY I.D.

  1. Valid Major Credit Card & Expiry Date (AMERICAN EXPRESS®, VISA® AND MASTERCARD®)
  2. Bank Card
  3. Social Insurance Card
  4. Birth Certificate
  5. Either of the photo I.D. items noted previously, not used as primary I.D.

EXAMPLES OF I.D. THAT CANNOT BE ACCEPTED:

  1. Retail Credit Cards (e.g. Sears, The Bay, Zellers). This type of credit card cannot be used because it does not contain some elements designated by Teranet as key criteria for identification.
  2. Health Card. The Health Card and Numbers Control Act governs the use and collection of a Health Card. This card is to be used for healthcare purposes only. Therefore Teranet is not able to use it for the purposes of identification.

ACCEPTED DESIGNATED REPRESENTATIVES

  1. Lawyer
  2. Notary Public
  3. Designated Land Registry Office (LRO) Representative
  4. Designated Teranet Representative
  5. Financial Institution Signing Officer

Why are others (e.g. Commissioner of Oaths, Engineer, Doctor) who do not appear in the list above, not accepted as a designated representative for validating my identity?

This list is composed of a limited group of people chosen primarily for their likely familiarity with this business process and the associated forms being completed.


Product Overview
© Teranet Inc. All rights reserved   privacy   terms of use    security    sitemap