World Intellectual Property Organization

Security

The PCT EDI service is based upon the Secure Shell File Transfer Protocol. Secure Shell, or SSH, provides a secure means of reliably transferring data over communications networks via the Secure Shell File Transfer Protocol (SFTP). Unlike the standard Internet File Transfer Protocol (FTP), user authentication information is never transmitted in the clear. All communications are encrypted using a user-selected data encryption algorithm. Unlike Transport Layer Security (TLS) enhanced FTP, only a single port is used for bi-directional communications, eliminating some rather difficult firewall and security configuration issues. Unlike Hypertext Transfer Protocol (HTTP), SFTP provides asynchronous, block-oriented data transfer verification, including the facility to restart interrupted transmissions from the point of interruption. Unlike Simple Object Access Protocol (SOAP), no independent software development is required. It should be noted, however, that Offices desiring to develop customized SSH/SFTP applications for integration with existing systems may do so.

SFTP makes use of public/private key pairs to authenticate users and services, and to encrypt the stream of data between the client and server. The PCT EDI service supports multiple keys (and thus multiple users) per office account, with user-level account management being under control of the national office.

Please click on this secure link to view the server key fingerprint. Your SSH/SFTP client may prompt you to accept a server key. Please verify the certificate information associated with this link; should you have any questions, please contact the International Bureau. If you are satisfied with the validity of the link certificate information and the key fingerprint information on that page matches the fingerprint information presented by the server, you may accept the certificate.

National offices are free to select the encryption algorithm and key lengths of their choice.

Explore WIPO