How we protect you

As part of its ongoing approval to operate an Electronic Lodgement Network, PEXA is required by the e-Conveyancing regulator (ARNECC) to establish and maintain an Information Security Management System (ISMS).

This is subject to an annual independent expert review, currently completed by Ernst & Young (EY) and outcomes of the review are shared with ARNECC and form an integral part of the renewal process for PEXA’s operating licence.

Here are a number of security measures used to protect PEXA customers when transacting online.

 

Secure Communications

PEXA uses advanced encryption mechanisms to protect information on the PEXA platform. This information can only be accessed by the user and other authorised parties*.

Today all financial service providers use encryption to protect customer data. Encryption ensures no one else is able to see information related to the user or their business. For example, when someone sends a message using WhatsApp, the service wraps the message in code, scrambles it and creates an encryption key. It can then only be unlocked by the recipient of the message.

PEXA uses similar measures, ensuring integrity and confidentiality of data shared between the user’s browser and PEXA’s back-end core infrastructure.

 

Digital Certificate

Digital certificates allow PEXA customers to electronically sign documents in PEXA on behalf of their clients thereby eliminating the need to print and pen-sign physical documents! A digital certificate is a PEXA customer’s unique identity online. Anyone signing on the PEXA platform must use one.

If data in the Workspace is changed, the PEXA system will automatically unsign any signed documents affected by the data change. The customer responsible for the documents(s) will need to sign in to the PEXA platform again and re-sign the relevant document(s) using their digital certificate. 

Therefore, if a PEXA customer edits part of the Workspace, it cannot progress to the Land Registries or to settlement until re-validated and signed by the relevant parties in the Workspace. This process further protects the integrity of the data, defending against unauthorised transactions and approvals in PEXA Workspaces.

 

Security Assessments and Policy

Initially, all prospective PEXA customers sign a Participation Agreement (PA) during the onboarding process. Once signed, the customer agrees to comply with PEXA’s Security Policy, ensuring their systems meet a certain standard of security when using the PEXA platform.

Parties integrating their systems with PEXA must align with third party security and risk assessment process, which include answering a series of questions and where necessary, providing relevant evidence to confirm their security and risk management practices meet certain standards.

This also presents an opportunity for customers to assess their own security and risk controls for data and privacy purposes.

 

* All parties invited into a Workspace and PEXA

Return to Security

Australia Map

In the spirit of reconciliation PEXA acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their Elders past and present and extend that respect to all Aboriginal and Torres Strait Islander people today.

Uluru Statement

We accept the invitation to walk with First Nations Peoples to a better future for us all. For more information visit the UluruStatement website.

Pexa
© Property Exchange Australia Ltd. ABN 92 140 677 792.
We use cookies to improve your experience. You consent to the use of our cookies if you proceed. Visit our Privacy policy for more information.