Nextenders Secure Bid Process

Secure Bid Process or SBP is patented technology developed by Nextenders that meets all the security criteria for tendering and uniquely makes electronic tendering process tamper-evident. It is the most secure bid security solution available in the market today.

Patented technology solution

The solution actually replicates the “sealed box” and “sealed envelope” system of a physical tendering system in an electronic environment and extends the same to all three stages of a bid process—from bid preparation to bid submission and opening of the tenders.

PKI at the core

SBP implements Public Key Infrastructure (’PKI’) at its very core as opposed to other solutions that implement PKI like a wrapper, making SBP inherently compliant with all the requirements of the Indian Information Technology Act and future-proof,

However, what enables SBP to guarantee tamper-evidence in a bidding process is the inventive use of a technology that enables users to apply established algorithmic standards to data to create “hash values” of bid documents and bid data.

Complete tamper-evident process

What this means is that not only is data encrypted at all levels through PKI, but the bid submission data is converted into a unique fixed-size bit string or its cryptographic hash value, such that an accidental or intentional change to the data, including opening/viewing the data, will change the hash value. This “hash value” is analogous to a fingerprint of an individual being unique to that person.

To make it further tamper-evident, the hash values of all bids submitted are combined to create a “super hash” which is published by the department or person handling the tenders from the buyer side. While, tampering may still happen, the SBP process ensures that any unauthorized view or change in data, irrespective whether it is by a bidder or a buyer user, will result in a change in the “super hash” value, thereby making the tampering evident to all concerned. At this stage, the process can be halted and further investigation conducted to find out which specific “hash value(s)” have changed, and hence which bids have been affected/tampered.

It is important to note that a user’s actions during the SBP process, including the “hashing” and “super hashing” are automated but transparent to the user.

Ensuring secure e-procurement

Let us understand how Secure Bid Process works during the bid preparation and bid submission stage of a typical tender on a Nextenders system. For ensuring that collusion would be futile, the secure bidding process has a two stage bid preparation and bid submission process.

Security in other stages of the tender process

Through the use of PKI, the system also ensures security of data during other stages of the tender process including the Tender preparation, Bid preparation or Bid evaluation stages. Data remains encrypted with the concerned user’s public key so it can only be viewed or modified using that user’s private key.

Simply put, any number of fetches and modifications of data between server and browser involve three steps—get encrypted data from server, decrypt it with own private key, view or modify, encrypt it with one’s public key and send it back to server. The process can be repeated as many times as required.

Compliance and legal protection

This unique combination of using PKI and SBP, which only Nextenders offers, provides 100% assurance of compliance and security to the Buying organization. It also provides irrefutable legally admissible legal evidence as protection and early resolution from frivolous and mischievous complaints and litigation by suppliers.