Features - Right2Data

OTP Authentication

One-time password (OTP) authentication has become a cornerstone of modern cybersecurity, evolving from the early banking systems of the 1990s that replaced static PINs. Right2Data’s virtual data room, or eDataroom, integrates OTP as a data room layer of security, generating time-sensitive one-time use codes delivered via email or SMS authenticator. Unlike static passwords, OTPs expire within 30 minutes, minimizing the window for exploitation. This method gained prominence in the security industry after high-profile data breaches exposed vulnerabilities in traditional credentials, pushing industries like legal, finance, healthcare, and fundraising services to adopt OTPs for sensitive data transactions such as mergers and acquisitions (M&A), Fundraising, IPO offerings, etc.
The OTP systems rely on algorithms like HMAC-based or Time-based OTPs to generate unique codes each time the login process is conducted. Right2Data uses TOTP (time-based OTP), synchronizing with atomic clocks to ensure precision. Even if a hacker intercepts a code, it becomes useless after 30-60 seconds. For added security or redundancy, codes are sent to the user via email or SMS, reducing delivery failures.

Benefits of OTP-Based Authentication:

This method of authentication mitigates credential theft by neutralizing phishing and brute-force attacks.
It enhances user authentication and convenience as it doesn’t require memorization, reducing support tickets for password resets.
Keeps the user safe from password breaches or leaks, as there is no login password.
Audit readiness involves logging OTP attempts for compliance audits.
Right2Data mitigates latency by prioritizing email delivery as a backup, hence reducing delivery delays.

Audit Trail

Audit trails are immutable logs that record every user action within the virtual data room, from document views to permission changes, and activity logs are visible in detail. Originating from paper-based accounting audits, digital audit trails became critical after the Sarbanes-Oxley Act (SOX) of 2002 mandated rigorous financial reporting. Right2Data’s eDataroom system captures granular metadata, including timestamps, user identifications, the IP addresses of the users who have accessed the data, and the action types like View, download, and print, creating a forensic-ready environment. The audit trail keeps a record of data being accessed for how long, which particular user, with their IP addresses, and the actions taken on every document are provided to the administrator. This helps the owner of the data room to know the detailed insights of the data room and its users. This helps in faster due diligence and enhanced efficiency.

Features and Litigation Value:

The immutable logs are stored in a write-once-read-many (WORM) database to prevent tampering.
The optional blockchain anchoring hashes logs to public ledgers for party verification.
This feature is GDPR Article 30 compliant as it demonstrates accountability for data access.
This feature provides streamlined litigation by providing court-admissible activity records.
It assists in internal investigations by identifying a rogue employee leaking documents by correlating download timestamps with external email sends.

A well-known bank used this special feature to pass a FINRA examination using our Virtual Data Room, proving that only authorized personnel accessed customer portfolios. The logs revealed zero unauthorized access over 18 months, avoiding a heavy potential fine of 2 million. Our technical team is exploring the feasibility of AI-driven anomaly detection that will flag suspicious patterns, such as bulk downloads at unusual hours, which will make it even more secure, the most trusted, and most affordable Virtual Data Room service provider in India.

Activity Tracker

An activity tracker provides a real-time dashboard of user data interactions, building on network monitoring tools like SolarWinds. Unlike static audit logs, this feature also offers live insights, such as active sessions, mouse movements, and scroll behavior. Private equity firms use this to gauge investor interest during auctions. This feature gives the exact time an interested client spent their time on a particular document and what they are interested in, or they might have difficulty understanding the files, which can be guessed through this activity tracker. This also helps identify the interested client by examining the time spent on the documents.

Technical framework and security Use:

Real-time analytics or activity on the VDR data viewer is built on Apache Kafka to handle a large volume of data.
Behavioral metrics track “dwell time” (time spent on a page) and “click heatmaps”.
Provides threshold alerts if any user exceeds the threshold of 100 document downloads in an hour.
Provides insider threat alerts by notifying admins if an employee prints 500 pages post-resignation, and access is revoked instantly.
If the system identifies 10 simultaneous logins from a single account, it triggers a forced logout as a phishing response.

View Only

View-only mode restricts users to reading the documents that have been shared without editing, downloading, or printing privileges. This mirrors the “kiosk mode” in libraries and evolved into digital rights management (DRM) for industries like film production. Right2Data’s VDR system makes use of AES-256 encryption implementation and dynamic rendering implementation to prevent screenshots or copy-paste of the documents that are stored in the data room.

Technical Implementations and Advantages:

The VDR web viewer disables right-clicks and keyboard shortcuts like Ctrl+C (copy) and Ctrl+V (paste).
Documents are displayed as rasterized images, not as downloadable PDFs, if users are given view-only rights.
The eDataroom of Right2Data automatically times out if the viewer is inactive for 30 minutes.
Prevents unauthorized duplication of documents, aligning with DMCA (copyright enforcement).
Ensures defense contractors comply with export control by limiting document interactions.
Responsive design ensures readability on smartphones and tablets without compromising security.
Admins can grant temporary “Offline View” access using time-bound decryption keys.

View-Print-Download

View-print-download controls allow the administrator to define granular permissions for document interactions with the users of the data room, balancing collaboration with security. The controls can be given by creating a separate group or at the individual level by uploading the viewer list or manually typing the viewer's email addresses/phone numbers, in which they can receive OTP with their names. This concept evolved from the early cloud storage platforms like Dropbox, which introduced basic “view-only” links in the 2010s. Right2Data’s VDR implementation takes this further by allowing per-user permissions or per-document rules, such as allowing a particular user or a group of users to only view the documents and restricting print and download permissions. Likewise, a user can be given access to print and view, but download is restricted. If the Permission to download is granted to the user, they are automatically permitted to view and print, with download being the highest level of permission.

Technical architecture and security:

Admins can assign permissions to a specific viewer or group by selecting the View, Print, and Download icons next to folders and files.
Documents are encrypted with AES-256, and decryption keys are released only when permission criteria are met.
The administrator can disable or customize View-Print-Download rights at any time during the data room's subscription period.
This feature ensures compliance with Non-Disclosure Agreements (NDAs) by technically restricting prohibited actions on data room files.
Right2Data uses browser-level rendering to block screenshots, even through browser extensions.

Group Creation

This feature empowers the administrators to streamline access control by organizing data room viewers into predefined groups like legal, financial, human resources, etc, making it easier to share information according to group directly rather than selecting every individual viewer and granting them granular access. The group creation features of our platform enable role-based access by organizing the data viewers into teams with unified permissions, mirroring Microsoft’s Active Directory (1999). The viewers can be added or removed from groups, and the administrators can select the Viewers from the list and move them to a particular group after group creation and removal. By directly clicking a specific group, like the legal group or the financial group, and selecting it, it becomes easier for the administrators to assign permissions to the document. This centralized approach not only simplifies administrative workflows but also ensures consistency in access rights, reduces human error, and accelerates secure collaboration across large teams.

Bulk Upload

The Bulk upload feature in the document upload allows the administrator to ingest a massive number of files/folders while preserving structure and permissions, which is a critical need for industries like real estate, where a single deal may involve 10,000 plus documents. The bulk upload feature of Right2Data’s VDR supports bulk uploads of documents in ZIP format and is automatically unzipped once the upload completes in the same order as the files were before compression. It becomes very handy while dealing with a gigantic data file that needs to be uploaded and shared with prospective clients. Before tools like Box introduced bulk uploads in 2012, firms wasted weeks manually uploading data files/folders. Right2Data’s VDR service system accelerates this with drag-and-drop simplicity and automated security.

Technical Features:

Right2Data’s VDR automatically scans uploaded files for malware, extracts metadata (OCR for scanned PDFs), and assigns auto-tags.
Allows parent folder rules to apply to all folders and subfolders, maintaining the original order.
Files and folders are AES-256 encrypted before reaching the servers.
Automatic dynamic watermarking is applied to all uploaded files and documents if custom watermarking is enabled during data room setup.
Saves over 90% of the time and effort compared to manually uploading files one by one.

Geo Tagging

Geo-tagging records the geographic coordinates (latitudes and longitudes) of users during logins or document interactions. Development from IP tracking tools, RightDatas virtual data room system integrates GPS data from the mobile devices and wi-fi triangulation for desktop users. The GPS tagging facility of RightDatas VDR helps to track the location of the users activity and provides a detailed audit of the data being accessed for security purposes.

Features and alerts:

Real-time alerts are triggered from user login sessions to enhance the security of data in the data room.
Clients can permit specific regions (e.g., corporate offices in Mumbai or Chennai) for accessing the data room, preventing unauthorized activity.
Geo-tagging adds an additional layer of security by preventing unauthorized access or alerting administrators in case of a breach.
Ensures data sovereignty by alerting if data is compromised or accessed from unauthorized locations.
Blocks access to embargoed nations under OFAC regulations, enforcing export controls on sensitive data.
Right2Data partners with threat intelligence platforms to detect VPN-masked IP addresses.
During travel scenarios, administrators can pre-approve user travel routes to allow secure data room access.

This feature in Right2Data’s eDataroom is designed to address specific pain points in data security and collaboration. Combining cutting-edge technology with regulatory compliance like ISO 27001, the Digital Personal Data Protection (DPDP) Act, and data security and regulatory compliance. Our virtual data platform offers a robust solution for industries and businesses ranging from small-scale start-ups to large enterprises dealing in healthcare, M&A, finance, real estate, etc.

Geo Fencing

Geo-fencing restricts data access to predefined geographic boundaries, such as countries, cities, or corporate office boundaries, that are specified by the administrator of the data room. This concept started from the enterprise mobility management (EMM) solutions in the early 2010s, where companies like MobileIron used geolocation to circumvent device usage. Right2Data’s geo-fencing feature applies this principle to our Virtual Data Room (VDR) or eDatarooms, enabling organizations to comply with data protection laws and regulations. Our data rooms, equipped with this special feature, help to mitigate cross-border cyber threats. For example, an Asia-based pharmaceutical company can block access to clinical trial data from regions with weak IP protections. It can also allow only specific office locations to access the data and prohibit others from accessing it. The feature uses a combination of GPS (for mobile devices), IP geolocation databases for desktops, and Wi-Fi triangulation to block and specify the correct location. Administrators can draw fences on a map interface, such as limiting access to the European Union (EU) or excluding high-risk countries like North Korea. Right2Data’s VDR integrates with MaxMind’s GeoIP2 database, which offers 99.8% accuracy in country-level identification. For handheld device users like mobile phones and tablets, the system enforces GPS checks every 15 minutes to detect location changes.

Security Applications and flexibility:

This feature automatically blocks access from countries under trade embargoes (e.g., OFAC-sanctioned nations).
Neutralizes state-sponsored hackers by denying access to regions known for cyber espionage, mitigating data breach threats.
Prevents users from accessing sensitive data while traveling to unsecured or restricted countries, reducing insider risk.
Clients can customize access by creating multiple fences, categorizing HQ offices and partner regions.
Users or employees traveling to temporary locations can receive a 24-hour access waiver after identity verification.
Administrators receive real-time alerts for fence breaches, with options to force logouts or require reauthentication.
Right2Data partners with threat intelligence platforms like CrowdStrike to detect VPN-masked IPs.

To make it more secure and security-enhanced, right2Data is working on including 5G triangulation for millimeter-accurate fencing and IoT device tracking to secure data access in industrial environments.

Reader or Viewer Selfies

A reader or viewer selfie captures a real-time facial image of the person accessing the session. This viewer selfie is mandated during the time of accessing the document via the provided link. Our VDR service platform displays a selfie screen, which prompts the user to access the data only after a selfie is captured. This feature has been enabled for an extra layer of security. Our VDR service prompts this screen if someone tries to log in from multiple browsers or unregistered devices during the session. This selfie feature stops the user from sharing credentials with anyone, thus ensuring sharing. It keeps the users selfies hashed and stored in the viewers login file as a reference and automatically deletes the images once the data room expires.

Security and Advantages

It prevents insider threats. A financial analyst once tried to share login credentials details with the competing party. But the system raised the alert for the viewer alert. The data room wasn’t accessed by the threat actor in that instance.
Forensic audit support is provided in the form the selfie logs are tied to a leaked document to a specific user session, which shows the identity of the person. The audit report clearly shows the selfies of the user who opened the file in a particular location, even with watermarked copy during the session.
The user’s selfie is hashed and stored as a unique non-reproducible encrypted client data.
Law and legal firms opt this feature to ensure only authorised partners view privileged client data.
The faces are pixelated or blurred to protect the viewer’s privacy using face-hiding technology.

Two-Factor Authentication (2FA)

Double-factor or two-factor authentication is often a part of multi-factor authentication and requires the users to verify identity through two distinct methods. Originating in early military systems, double-factor authentication became an important verification method after the 2013 Yahoo breach, which compromised almost 3 billion accounts. Right2Data’s Two-factor authentication (2fa) combines Knowledge factor authentication (Password), possession factors (mobile devices and desktops), and inherence factors (biometrics or Aadhar card number), to access the OTP generated via email or SMS to create a virtually impenetrable barrier.

Technical implementations and security advantages:

Passwords and SMS or email OTP are used for basic tier authentication for low-risk projects.
Clients can use custom combinations of passwords, OTP, or biometrics for multi-factor authentication based on data sensitivity.
The advanced tier for intellectual property-sensitive (IP) industries includes Aadhaar card verification, biometric authentication, and hardware tokens.
Hackers or breach attempts cannot replicate Aadhaar verification or biometrics, making it phishing-resistant.
Even if a password is guessed or stolen, the second factor prevents access, mitigating brute-force attacks.

A Mumbai-based biotech firm used our Virtual Data Room’s Double authentication during their patent licensing deal. The engineers accessed research development documents only after scanning Aadhar and entering a hardware token code. Zero breaches were reported during their 6-month negotiations. The security feature meets SP 800-63B guidelines for digital identity, fulfilling NIST compliance. The users reported that it had seamless integration and worked with Active Directory and SSO platforms.

Question and Answer

The Questions and Answers (Q&A) module centralises secure communication within the VDR, replacing fragmented email chains and spreadsheets that have to be shared to discuss doubts regarding the document shared. Inspired by platforms like Slack, our VDR system has adapted threaded discussions for high-stakes scenarios like mergers and acquisitions due diligence. Fundraising, Intellectual property. The Viewers of the data rooms can post their questions related to the documents they have access to, get a professional reply from the administrators of the same documents, and carry on the chat process until their doubts are resolved. The questions posed in the dataroom are notified to the admin in the dataroom dashboard, where the admin can view the document where the questions are raised and reply to the questions with answers and post the answers or related documents. A complete, secure, and end-to-end encrypted communication can take place within the data room, keeping the questions anonymous from other users of the data room.

Technical Features and Security:

The questions and answers are encrypted with AES-256-GCM encryption, even at rest, ensuring end-to-end encryption.
Users can embed confidential information directly into threads without exposing it to all parties while answering questions.
This built-in feature mitigates phishing risks from fake threads impersonating advisors or experts.

Dynamic Watermark

The customizable watermarking adds extra functionality to the documents of the data room by giving the feature the ability to customize their watermarks to personalize the document. The watermarking overlays user-specific identifiers (names of the company and firms, name of the owner of the document, email address, IP) on the documents to deter leaks and trace violations. Adapted from the medieval paper watermarks used to authenticate currency, digital watermarking gained popularity in the 2000s with media giant companies like Disney embedding them in pre-release films. This specific rise in the trend was accepted worldwide to personalize the content's ownership. Right2Data provides customizable watermarking facilities to the administrator; the email address of the administrator automatically becomes the default watermark.