PrivateVault, a new kind of hosted, Web service, supports an e-document delivery application by serving as a secure, personal, end-destination for e-documents.
There are two sides to the PrivateVault product:

• Business Services support such activities as vault site configuration, guaranteed placement of items into the vault by the enterprise system, vault site activity reporting.
  
  
• End User Services support the user experience, such as the vault navigation interface, upload/download features, email services, routing rules, application backup and directory management features.

To facilitate end user adoption of an e-document delivery application, EnterVault recognizes that for some applications, such as e-statement delivery, the end user must be able to opt-in to the service at no charge. For those cases, EnterVault offers a read-only vault to its business customers.

Unlike other e-document destinations, such as pulling an end user to a web presentation of the document and out to the end user's work-based email, the PrivateVault destination offers the Business a number of advantages:

• Eliminates email administration and exception processing costs due to an undeliverable email address. The vault is for the life of the relationship between the individual and the enterprise, and potentially beyond if the user adopts the PrivateVault service as a second or third email account, the trusted account. In contrast, today the only email options are one's work-based email account or a personal account likely to be with HotMail or Yahoo. Both of these email accounts are subject to change, causing the email address-of-record to become outdated if the end user forgets to update their information.
  
  
• Potential for incremental revenue as vault usage increases. When an individual sees the value of having a trusted email account combined with secure online storage, and that individual upgrades their vault storage capacity, there is opportunity for reoccurring revenue. The enterprise has the potential to generate incremental fee income off each vault or upgraded vault. Neither web presentation applications nor traditional email accounts offer this incremental revenue potential.
  
  
• Customer retention. If the vault owner adopts the vault as a second or third email account, the "trusted account," and a number of documents are stored in the vault, should the primary account relationship end between the end user and the enterprise, there is the potential the end user will retain their vault account.

PrivateVault offers a number of unique features specifically designed to support the needs of the enterprise. The following will be covered in more detail below:

• e-document Delivery Methods
• Guaranteed Document Placement
• Seamless Integration with Existing Web Sites
• Developer API Support
• XML Data Exchange Standard
• Vault Customization Options
• Vault Activity Reporting
• Support/Training

Safeguards for Stored Documents

Before any enterprise offers an outsourced service to its customer base, the first issue that must be addressed is the level of security and risk management that the outsource provider can offer. EnterVault believes it is unique in that the company has grown up as a regulated business. Our business practices and procedures, our systems processes, had to be documented for and audited by a federal agency, plus the overall system was hacker tested, before we could go into business.

To safeguard user data stored in our system from data loss related to unforeseen disasters, PrivateVault implements multiple data protection procedures. PrivateVault stores all user files on RAID-5 disk arrays as its first line of defense against data loss. Second, PrivateVault automatically replicates all user data to a secondary, remote hosting center located in another state. Lastly, EnterVault performs daily and weekly backups of all PrivateVault data.

Finally, at the vault level, PrivateVault offers two layers of access control in order to protect stored data from unauthorized user access. All data is stored encrypted on the server. The proper username and password is required to decrypt the data for download, viewing and editing purposes. In addition to username and password protection, PrivateVault supports a digital certificate as the second, optional, layer of “authentication”. In the case where a vault owner has created an account that is expecting two layers of authentication, the digital certifi-cate must be present on the local PC during sign-in or the PrivateVault system will not authenticate the user, even if the user name and password are correct.

e-Document Delivery Methods

PrivateVault supports two methods for transporting an e-document from the e-document origination point to the vault system. The first method is an API-based, secure transport method. An HTTPS encrypted connection is established between the enterprise system and the PrivateVault server. When the item reaches the PrivateVault system, each item is associated to a unique vault owner, encrypted and stored.

The second delivery method is standard SMTP email. Since SMTP is a non-secure delivery path, typically the attached document is protected by a password or some other protection scheme at the origination point, before transmission. The incoming email item is received by the PrivateVault system, parsed, encrypted and stored on the server.

When a new item arrives in an individual’s vault, a notification alert can be sent to the email address-of-record. The notification email was entered by the vault owner when the account was created. Even if the notification email address becomes outdated, the business has met its “delivery obligation” when the item is received by the vault. This paradigm closely mirrors the traditional delivery process of sending an item to a physical mail box.

Regardless of the delivery method employed, PrivateVault can be configured so that specified incoming items from an enterprise have “guaranteed delivery” status. This means those specific items will be received and stored in the appropriate vault, even if a vault owner has run out of capacity and the user-facing file input functions - upload and the public vault inbox address - have been temporarily disabled.

PrivateVault APIs and standard XML

The PrivateVault APIs are used to expose vault functionality to a remote system. Our APIs utilize XML messaging. The XML message is posted within a form. PrivateVault processes the XML message and responds with either an XML message (if non-GUI API method) or a redirect of an end user’s session (if GUI API method).

The APIs fall into two areas. They either support the document placement functions or site integration functions.

The use of XML makes it easy to modify existing Web pages to support communications with the PrivateVault services. To further simplify the integration with PrivateVault, EnterVault provides our business customers with XML templates and sample data. New APIs will be added as needed.

Vault Site Activity Reporting

PrivateVault provides billing and vault site activity reports. The site activity report can be customized by selecting from a master-set of event activities, including active vaults, inactive vaults, upgrade units, number of logins to site. Among the user events that can be tracked are: logins, received emails, uploads and downloads. Enterprise email placement activity and API “add file” activity can also be tracked for reporting and billing purposes.

Support/Training

EnterVault is prepared to work closely with our business customers to introduce the PrivateVault service to their user base. We have a number of pre-built marketing tools that can be branded to the business customer’s look and feel – including pdf and flash materials. If our business customer chooses not to offer first line support to their customer base, EnterVault is prepared to offer first line of support. EnterVault is available to do both product training and support team training as part of our defined roll-out activities.

Site Customization Options

Even though PrivateVault is an outsourced, hosted application, it has been designed with a number of optional features so that each business customer can create an environment that reflects its unique way of doing business with its customer base. That is not to say a business customer can come to EnterVault and define a totally unique application from scratch, rather that the customer has a wide range of optional configurations from which to choose.