Phone 0800 ONLINE (0800 665 463) Delivered by LINZ

Security

Landonline security

Landonline uses a multi-layered, two factor authentication security system incorporating a unique electronic identification Digital Certificate, password and passphrase to ensure its security.

Only users from licensed firms are issued Digital Certificates, which include public and private encryption information keys, and only those authorised can certify and electronically sign documents.

To protect the integrity of official state records, it is imperative security around Landonline is maintained. Landonline security measures aim to maintain title register and digital cadastre integrity, and prevent unauthorised access to Landonline.

Technologies used to protect Landonline security transactions are used around the world by governments, leading financial and healthcare organisations and other global corporates.

Digital Certificates

From the time customers log on to Landonline until they log off, their credentials and data are securely encrypted through the use of an SSL tunnel (Secure Sockets Layer) which encrypts all traffic between LINZ and our customers.  Digital Certificates offer a second critical factor of authentication and non-repudiation for digital signing.  Combined, these ensure data cannot be captured or modified in transit.

Digital Certificates:

  • Facilitate the use of internationally recognised public and private key encryption systems
  • Enable the use of cryptography to support secure Internet transactions
  • Are unique electronic identifiers, created and stored on a customer’s PC. LINZ Digital Certificates can only be obtained and used by customers associated with a firm that has purchased a Landonline licence.

When used with the customer's username and password, Digital Certificates permit customers to log on to Landonline, and are used again by an authorised person to certify and electronically sign documents. This "one person – one certificate" rule allows LINZ to monitor system access and detect attempts to access the system by intruders.

If a Digital Certificate is shared knowingly or otherwise, LINZ security procedures revoke the Digital Certificate. Penalties include re-applying and paying for another Digital Certificate, with delays of up to five working days for processing.

Safeguarding your Landonline Password and Digital Certificate Passphrase

Digital Certificate holders have a responsibility to safeguard their username and password for accessing Landonline, as well as their individual Digital Certificate and associated passphrase.

Digital Certificates must not be shared. See the Landonline Digital Certificate User Obligations for detailed information.

Storage of Digital Certificates, passwords and passphrases

LINZ has prepared an information sheet covering the storage requirements of Digital Certificates, passwords and passphrases. It provides a basic outline of the storage requirements for these items for Landonline users.

See Storage of Digital Certificates, passwords and passphrases - (pdf 27KB).

Revoking a Digital Certificate

If your password or passphrase has been compromised (ie. you no longer have exclusive access to it), you will need to immediately notify LINZ Customer Support on 0800 ONLINE (0800 665 463) - select option 4.

Keeping your firm's PC and Internet environments safe

When it comes to your firm's PC security, it is also necessary to make sure your computer and Internet environments are safe. The information below is also provided as an information sheet.

Download and print the information sheet - (pdf 30kb).

How secure is your firm's PC and Internet environment?

The security of the Landonline system is a high priority to LINZ. To ensure the integrity of state records and the availability of the system, Landonline utilises a multi-layered system including two factor authentication.

All Landonline users have a unique username, Digital Certificate, password and passphrase to ensure their use of the system is secure.

When it comes to your firm's PC security, it is also necessary to make sure your computer and Internet environments are safe.

Here are 10 basic steps firms can take to protect their own PCs from viruses and other nasties:

  1. Take care when opening e-mail attachments: This is the most common way to import a virus onto a PC. Before opening an attachment, make sure you know who sent it. Also be cautious opening attachments with .pps, .exe, .scr or .pif file extensions as they often contain viruses.
  2. Use anti-virus software and keep it up to date: A number of commercial anti-virus products and anti-virus programmes are downloadable from the Internet.
  3. Install anti-spyware software: Protect PCs from Spyware and Adware: these programmes are placed on PCs without consent and track what is sent and received over the Internet.
  4. Use firewalls: Protect PCs from unauthorised access by hackers. Personal firewalls that prevent unauthorised access to PCs are available on the Internet.
  5. Keep updates and patches up to date: Regularly download security updates and patches for operating systems and other software. All software providers issue patches (fixes for bugs and security flaws found on any release of software) and service packs (several patches).
  6. Use hard-to-guess passwords: Mix upper case, lower case, numbers, or other characters not easily found in a dictionary, and make sure they are at least eight characters long. Turning passwords into a rhyme can help you to remember.
  7. Know where to look: Be aware of security issues and regularly use this checklist as a guide.
  8. Back up work: Regularly back-up PC data on disks, CDs or tapes.
  9. Don't share PC access with strangers: Learn about file sharing risks.

Finally: If using dial-up connections, disconnect PCs from the Internet when not in use.