Note: User Hub features are in Closed Beta. Please reach out to your Customer Success managers for more information.

User Data Security is one of the core principles on which the New Identities and Profile System is built. We also ensure compliance with multiple privacy rules and regulations.

This article outlines the security measures, access controls, and privacy options provided by the New User Identity System.

I. External Measures

1. Full Privacy Feature for External Users

The Full Privacy feature allows users and brands to opt out of data collection to enhance user privacy. Brands can control user data privacy settings to comply with regional or industry-specific privacy laws.

  • Users and brands can opt out of data collection by setting the "full_privacy_enabled" User field to TRUE. In this scenario, the system does not capture the User Email ID or any other user-specific Personally Identifiable Information (PII).
  • The system still collects non-PII usage data, such as device information and support metrics like average CSAT, so that these users are still served appropriately.

For instance, Full Privacy can be set to Yes for underage users, along with other compliance measures.

Anonymous users cannot view historic conversations when they are interacting with the brand. If they use incognito mode or a browser from which the brand cannot recognize them, they are treated as anonymous.

2. User Verification Tokens mandatory for New ID System in SDK

To ensure that the user information set in the SDK (version 10.4 and above) is verified as coming from the brand and not from a third party on the Internet, we mandate the use of a user verification token for the user data sent to Helpshift.

This is an industry best practice and is already a feature of the old ID system.
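As an added illustration (not Helpshift's actual token format or SDK API), the following Python sketch shows the principle behind a user verification token: the brand's backend signs the user fields with a secret the app never holds, and the receiving side recomputes the MAC over exactly what the SDK sent, so altered fields, a forged token or an expired one are rejected. The secret value, field names and expiry encoding are assumptions made for this example.

```python
import hashlib
import hmac
import json

# Constructed example secret: shared only between the brand's backend and the
# service, never shipped inside the app or the SDK.
BRAND_SECRET = b"example-brand-secret-not-a-real-key"
TOKEN_TTL_SECONDS = 3600


def canonical_payload(user: dict) -> bytes:
    # Deterministic serialization so both sides sign exactly the same bytes.
    return json.dumps(user, sort_keys=True, separators=(",", ":")).encode()


def issue_token(user: dict, secret: bytes, now: int) -> str:
    # Backend-only: MAC over the user fields plus an expiry timestamp.
    expiry = now + TOKEN_TTL_SECONDS
    msg = canonical_payload(user) + b"." + str(expiry).encode()
    mac = hmac.new(secret, msg, hashlib.sha256).hexdigest()
    return f"{expiry}.{mac}"


def verify_token(user: dict, token: str, secret: bytes, now: int) -> bool:
    # Receiving side: recompute the MAC over the fields the SDK actually sent
    # and compare in constant time; reject malformed or expired tokens.
    try:
        expiry_str, mac = token.split(".", 1)
        expiry = int(expiry_str)
    except ValueError:
        return False
    if now >= expiry:
        return False
    msg = canonical_payload(user) + b"." + expiry_str.encode()
    expected = hmac.new(secret, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, mac)


if __name__ == "__main__":
    # Constructed sample user data.
    user = {"identifier": "user-123", "email": "alice@example.com"}
    issued_at = 1_700_000_000
    token = issue_token(user, BRAND_SECRET, issued_at)
    print("genuine:", verify_token(user, token, BRAND_SECRET, issued_at + 10))
    # A client that rewrites the identifier to another user's keeps the same
    # token, but the MAC no longer matches the submitted fields.
    tampered = {"identifier": "user-999", "email": "alice@example.com"}
    print("tampered:", verify_token(tampered, token, BRAND_SECRET, issued_at + 10))
    print("expired:", verify_token(user, token, BRAND_SECRET, issued_at + TOKEN_TTL_SECONDS))
```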

II. Internal Measures

1. Role-Based Access Control (RBAC) for HS Internal Users

To ensure the security of user data, access is carefully controlled and restricted based on roles.

  • RBAC-controlled access: Access to user data is managed using Role-Based Access Control (RBAC). Only authorized internal users have access.
  • Restricted access for developers: Developers are denied access to profile data in the production environment by default. Special access may be requested and must be approved by the respective Engineering Managers (EMs). Such access is granted temporarily based on specific circumstances and limited to on-call incidents.

Note: Internal users cannot download data onto personal devices or local instances.

2. Data Encryption

Data encryption is crucial for securing user information against unauthorized access.

  • Data encryption standards:
    • Data at rest is encrypted with AES-256 at minimum.
    • Data in transit is encrypted with TLS 1.2 at minimum.
  • Encryption for all users: Encryption is enforced for internal and external users to ensure consistent security.

3. Data Storage and Isolation Practices

  • Data is stored securely and isolated to prevent unauthorized access or accidental exposure.
  • All data is securely stored in a separate database, distinct from other data repositories.
  • Data is managed separately for each tenant to ensure that there is no risk of cross-tenant data exposure.
  • All access and error events related to the identity and profile table are properly logged to support monitoring and troubleshooting.
  • Temporary access to user data for troubleshooting is controlled via RBAC and is restricted to on-call incidents.