Chat

Ensuring GDPR Compliance for PubNub-powered Chat Apps

Michael Carroll on Mar 19, 2018
Ensuring GDPR Compliance for PubNub-powered Chat Apps

PubNub delivers over 30 billion messages a month for thousands of chat apps across the world. These are chat apps of all shapes and sizes – massive scale group chat, secure and encrypted 1:1 chat, multiplayer in-game chat, team collaboration – the list goes on and on.

Our infrastructure and APIs power the core features of any chat app (messaging, typing indicators, message persistence), as well as advanced cutting-edge features (chatbots, natural language processing, translation, sentiment analysis).

And since PubNub was born, we've always put security and compliance first. In this post, we'll dive into how you can ensure that your PubNub-powered chat apps are GDPR-compliant.

Initializing PubNub Securely

When initializing the PubNub object, developers have the option to enable TLS and also provide a cipher key. This is an example of what the initialization code will look like using our Javascript SDK.

var pubnub = new PubNub({
    subscribeKey: "mySubscribeKey",
    publishKey: "myPublishKey",
    cipherKey: "myCipherKey",
    authKey: "myAuthKey",
    uuid: "myUniqueUUID",
    ssl: true
});

The cipher key is used to encrypt and decrypt data that is sent to (and through) PubNub. The cipher key is usually sent to the client’s mobile device or browser securely during login. PubNub does not have access to the cipher key. The auth key is needed when Access Manager is enabled. This is highly recommended so that users have read, write or full access to channels they need.

Channels and Data Access

In chat applications, chatrooms or 1:1 conversations are PubNub channels. It is good practice to not have any sensitive data as part of the channel name.

Developers have the option of using PubNub Channel Groups in the event where they want to persist a list of channels each user subscribes to. Each user will be assigned their own channel group and again, it is good practice to exclude any identifiable information in the channel group name.

Access Manager extends PubNub's existing security framework by allowing developers to create and enforce secure access to channels throughout the PubNub Data Stream Network. Access Manager enables the following functions:

  • Syndicating streams by authorizing users to read/write messages on one or more channels
  • Granting/revoking permissions for your real-time streams at the user/device, channel, or key level
  • Working with Auth tokens from any existing authentication system: OAuth (Facebook Connect, Twitter, Google, GitHub, etc.), LDAP, or homegrown solutions

Access Manager is critical for social apps and chatrooms where secure real-time communication is peer-to-peer, with the option to monitor and intervene in user interactions when needed (e.g. ban a user, change privileges on a private chatroom, etc.).

Data Storage for Chat

PubNub Storage and Playback, informally referred to as the Persistence API, enables you to store messages as they are published, and retrieve the previously-published messages at a later time.

There are many types of events/messages that are generated in a chat application. Here are a couple examples:

  • Chat messages
  • Notifications
  • Message Reactions
  • Typing Indicators

The PubNub Persistence API provides granular control over the types of messages that need to be persisted. For example, here is a publish operation using PubNub’s Javascript operation that does not persist the message in the PubNub Network.

pubnub.publish(
    {
        message: { 
            text: 'Hi there'
        },
        channel: 'my_channel',
        storeInHistory: false, //override default storage options
    }, 
    function (status, response) {
        if (status.error) {            
            console.error(status)
        } else {
            console.log("message Published w/ timetoken", response.timetoken)
        }
    }
);

Auditing Messages

Functions and Gateways provide a highly flexible option to route messages to your own servers so that developers have the option to leverage their own infrastructure for audit purposes.

The ability to call into remote APIs is made possible via the PubNub XHR module. This is a powerful, easy-to-use Functions API module that provides all HTTP methods (verbs), with full control over content encoding, headers, and response parsing.

Securely invoking remote APIs through Functions will require a shared secret or API key. The Functions Vault module provides access to the secrets stored in your secret store. Vault only allows retrieval of the unencrypted value of your secrets. It does not allow storing new secrets in the secret store or modifying the value of existing secrets. In order to store new secrets please go to the Functions editor page and look for MY SECRETS.