TradeCard's security system is built upon five tenets of data security: authentication, authorization, confidentiality, integrity and non-repudiation. These building blocks work together to provide a comprehensive data security infrastructure.

Authentication
Except as described in the section titled "Deviation from Data Security Principles" below, TradeCard identifies and authenticates users to the system using two-factor authentication. When a user is authenticated to the TradeCard system s/he provides a unique username and password, as well as a one-time access code generated by the e-identity Security System. The e-identity Security System consists of a smart card and portable reader. When the smart card is inserted into the reader, an 8-digit access code is generated that is unique to the card and can be used only once to access the TradeCard system; a different access code is generated each time the card is inserted into the reader. Every user on the TradeCard system is assigned a unique smart card and handheld reader. The smart card can be taken away or disabled to prevent access to the TradeCard system.

Each authenticated user session has an inactivity time out. User inactivity for a specific amount of time will require the user to log in to the TradeCard system by entering the password and access code.

Users of the TradeCard system also have to trust that they are connecting to TradeCard and not a rogue machine that may be set up to look and act like TradeCard. Server authentication is provided by the use of a server Certificate. When a browser connects to the TradeCard system, the browser automatically uses the certificate to verify that it is connecting with the legitimate TradeCard site.

Authorization
Authorization is the process of granting or denying access to a resource based upon the identity of a user. In the TradeCard system the authorization model defines what actions individual users and parties can perform within the scope of a TradeCard transaction. TradeCard defines authorization via the configuration of access control lists, user and company roles and business workflow rules within the system.

Access to the documents in a TradeCard transaction are configured by a member organization's system administrator who controls what individual users are allowed to see and do within the TradeCard system. The business rules interact with the workflow system to control which parties can act on a transaction at any time.

Confidentiality
The SSL (Secure Socket Layer) protocol provides a secure mechanism for exchanging data on the TradeCard system. TradeCard's Server Certificate enables encryption on all communications between a user's browser and TradeCard's servers. The Server Certificate enables strong (128-bit) encryption to the TradeCard system for many browsers that are normally only able to communicate at 40 or 56-bit strength.

Integrity
The integrity of data in a transaction is extremely important to parties involved in it. There needs to be some level of assurance that an unauthorized individual has not altered the information in a transaction. The data must remain exactly as was entered and approved by the different parties involved in the transaction.

Digital signatures help protect the integrity of documents in the TradeCard system. When a user first accesses the TradeCard system s/he automatically generates a Public/Private key pair. The private key is encrypted with a password that is known only by the user and stored with the unencrypted public key. To apply a digital signature a user must present his/her password to decrypt the private key. The private key is then utilized to create the digital signature on the document data. The TradeCard system can prove the integrity of document data at a later date by passing the document data and public key into the digital signature verification algorithm. If the document data has been altered in any way the verification process will fail.

User passwords are never stored in the TradeCard system; instead, only hashed values of the password are persisted. No one with access to the TradeCard system database will be able to find out a user's password for the purpose of accessing the system.

Non-Repudiation
Non-Repudiation is the ability of a party involved in a transaction to enforce the terms of the transaction against the other party. TradeCard seeks to achieve non-repudiation through the use of the four previous tenets of security. Strong non-repudiation means that no party involved in a transaction can successfully deny that it had involvement in the completion of the transaction.

Non-Repudiation in the TradeCard system is ensured with the addition of auditing to all the above security tenets. The ability to authenticate users, authorize user access, provide for confidentiality, prove the integrity and the auditing of transactions provides a means for proving a user's involvement in a transaction and enforceability of the transaction terms. Every action a user makes is logged along with the data involved in the action to an audit facility in the TradeCard Network the moment that they are performed. This data is captured for auditing purposes only and there is no system access provided to the audited information.

Deviation from Data Security Principles
Certain Members request that they be exempted from the data security policy requiring logging on to the TradeCard Platform using their password and smart card/reader in order to apply their digital signature to purchase order documents they send to the TradeCard Platform. Rather, such Members request that TradeCard assume that all purchase order documents sent by such Members to the TradeCard Platform have been approved by such Members in the form received by TradeCard. In all such cases, each Member signs an Agreement acknowledging the reduced security measures and relieves TradeCard of any liability related to any authentication or security failures. Further, Vendor-Members request that any purchase orders from certain Buyer-Members be treated as approved by the Vendor-Member without any approval or digital signature by the Vendor-Member. In such eventuality, both the Vendor-Member and the relevant Buyer Member must contractually agree to the foregoing practices and assume all potential data security and authentication risks stemming there from.

Vendors utilizing the invoice presentment and factory shipping products are exempt from the e-identity requirement.