The new standard

active escrow

HanseEscrow's goal is to provide our customers secure deposit and verification of the escrow materials according to the highest standards.

Active Escrow

Passive software escrow is not enough

Conventional, passive escrow as a subsegment of technology escrow is limited to the depositing of software source code. The manufacturer delivers the code to the escrow agency, the customer will receive access to the code in predefined emergencies — all the parties’ interests are protected. The formal security aspects for investment decisions have been addressed.

However, the material in escrow is a black box. Is the code well-structured? Is it commented and documented so a qualified third-party can work with it when it is released to them? In the event of an emergency, the materials deposited in this “passive” escrow often turn out to be useless. The escrow contract failed to achieve its basic purpose.

The New Standard: Active Escrow

Because trust is not always enough, we have developed a new, active technology escrow concept in which customer service is a top priority. When the technology escrow contract is put in place, we ensure not only that the software or firmware can be re-installed, but that it can be successfully used and maintained on a long-term basis. This means not only verification and documentation, but also auditing of the source code and software development process. We assure our customers that the software and the corresponding components, manuals, drawings, configuration data, keys and passwords match up and are in working order. These services are fundamental at a customer-oriented escrow agency, as is regular, fast and reliable communication between the contract partners and the agency.

Conventional escrow cannot provide such detailed knowledge about the internal structure of a software-driven product and its development processes. Only a technically qualified approach that recognizes the serious risks provides real security for the future.

The Limitations of Conventional Escrow (Source Code Deposit)

In Germany, passive escrow contracts (source code deposit) are in many cases provided as notarial services. This procedure seems serious and professional, but presents only the appearance of security. A Notary Public deposits the software without any prior audit or verification. Technology escrow agencies, however, inspect the source code to verify that it is complete, readable, in working order and free of viruses. Yet many escrow agencies do not offer detailed, technical quality assurance to verify that the source code is viable. They often neglect to deposit all the Know How, for example, engineering components (mechanical or electronic) of the product. This is where we come in with our new technology escrow concept.