Security

The unique ID and password must match to allow access to Rent-on-time™ https secure areas. Each time you re-enter this area you are required to enter your User ID and Password again. The Rent-on-time™ system will only accept transactions involving the specific Tenant and their specific Landlord or Property Manager. No payment can be sent to any other party. Landlords are not given their Tenant's ID and Password and cannot see their Tenant's bank accounts. Tenants are not given their Landlord's or Property Manager's User ID and Password and cannot see their Landlord's bank accounts. Similarly, we cannot see either party's bank accounts.

Rent-on-time™ is powered by Flo2Cash an internationally accredited payment gateway provider. Flo2Cash is a fully certified PCI DSS payment processor and is a member of the PCI DSS international council that governs credit card security worldwide. Rent-on-time™ never sees or stores any credit card information. All information is stored securely in a remote data centre approved to handle sensitive credit card data and information. See www.flo2cash.co.nz for more information.

The Rent-on-time™ system also prevents an amount greater than 4 times the weekly rent from being accepted. This minimises any overpayment amount to a Landlord should someone with malicious intent gain access to a Tenants ID and password. Remember - Do not disclose your ID and password to anyone. Should a Tenant need to make a larger one-off payment please contact us.
Bank Account details are not required on each payment transaction, simply a selection of predefined account 1,2,3 or 4. This prevents bank account details from being intercepted. To prevent Landlord and Tenant information being intercepted in transit over the internet, every transaction is carried out utilising SSL3.0, RC4 with 128-bit encryption provided by Verisign. According to documentation published by RSA Security Inc." It would take a single Cray with 6 Terrabytes of memory approximately 70 million days (192,000 years) to solve the matrix...." Source RSA Security, April 2000 Bulletin.
The Rent-on-time™ secure servers also use an encryption key that interrogates each item exchanged with the user. If there is any hint of corruption the transaction is terminated and reported.

Physical security implementations to further protect the Rent-on-time™ secure servers include: Intelligent UPS systems. Secure payment servers on a stand alone network. Building security, including camera surveillance, random guard patrols and lift cut-off. Independent internet connection and a future VPN controlled and updated hot-backup-site.

Further methods employed to ensure total integrity of the Rent-on-time™ secure servers include: Account numbers are not stored with the transaction details once the transaction has been completed. The networking routers are configured to allow only secure connections to the server, all other requests for connections are rejected. The secure server is solely used for the processing of the payment gateway. No other processing or hosting is done on this server. Other services existing on a standard server, not related directly to the payment gateway, have been either disabled or removed totally.