Logo Help Portal
  • Die ersten Schritte

    Introduction

    • Onboarding overview
    • Project Initiation
    • Email compliance
    • Account-Administration

    Daten

    • Datenaustausch
    • Daten-Onboarding
    • Web-Datensammlung

    Channels

    • E-Mail-Onboarding
    • Smart Insight
    • Predict
  • Training
    • Online Self Learning
    • Onboarding-Videos
    • Trainer-geleitete Schulungen
    • Webinare
    • Seminare
  • Benutzerhandbücher

    Strategie

    • Personalisierung
    • Automatisierung
    • Data Monitoring

    Channels

    • E-Mail
    • Mobile Apps
    • Web
    • Ads

    Add-ons

    • Smart Insight
    • Predict
    • Incentive Recommendation
    • AIM
  • Support-Artikel

    Neuigkeiten

    • Was gibt es Neues in der Emarsys Plattform?
    • Pilot Features
    • Artikel zum Datenschutz und zur DSGVO
    • Release notes - archive

    Support

    • Emarsys - Hilfe und Support
    • Ihr Benutzerprofil verwalten
  • |
  • Developer
  • Systemstatus
Benötigen Sie Hilfe? Anfrage einreichen
Deutsch English Español Français Русский Türkçe 简体中文
Anmelden
  • Documentation_-Execution_- Mobile Apps
  • Mobile Engage
  • 0 Documentation_-Execution_- Mobile Apps Mobile Engage

In diesem Abschnitt:

  • Über Mobile Engage
  • Das Mobile Engage Datenflussmodell
  • Das Mobile Engage SDK
  • Mobile Engage Onboarding
  • Bestehende Push Audiences nach Mobile Engage importieren
  • Mobile Engage - Anleitung für Endbenutzer
  • Mobile Engage - Erweiterte Funktionen
  • Creating a Trackable Deep Link for Mobile in Email
  • Obtaining Certifications and Tokens for Sending Push Messages
  • Mobile Engage Glossar
  • Weitere anzeigen

in Emarsys42

    Expand all

    Mobile Engage - Contact Authentication from Mobile Devices

    Updated: 12. Juni 2018 14:03

    In order to prevent your customers' personal data (US: PII) being stored in our cloud infrastructure, we require use of unique, non-guessable and immutable contact identifiers, instead of easily guessable identifiers like email addresses or phone numbers. Using PII data as the primary contact identifier for mobile devices is not supported.

    If the user name is insecure (for example, if it is visible to other users, or other users could guess it), then it represents a security risk, as anyone could impersonate that user and receive personalized messages not meant for them. 

    We recommend that you use a new custom field containing both the hash of that username and a secret. This custom field should be generated on your server side.

    You can use any immutable, non-sequential, non-guessable unique identifier. If you have one already used to uniquely identify customers internally, you could use that.

    Or if you want to use email, then you can take the email, add a long string (secret) that lives solely in your server, and then use a hash function against that email, the secret long string that only you know.

    You would need to create a new suite field in our field editor that includes a string value. You would need to import the hashed values of your clients into our DB; that will then serve as the unique identifier.

    You do not need to store this hashed value in your back end, because when a user logs in with their password, they can use their email+secret at that time to create the hashed value, and then use that in the SDK login call to Mobile Engage's backend.

    For performance purposes, we recommend you store this hash instead of calculating it on every login, but this remains an optional implementation for performance optimization.

    Thanks to the universality of SHA-1, we can provide the following specific sample codes:

    PHP

    <?php
    function nonGuessableUniqueID($guessableUniqueID, $salt) {
      return hash('sha1', $guessableUniqueID. $salt);
    }
    ?>

    Ruby

    require 'digest'
    def nonGuessableUniqueID(guessableUniqueID, salt)
      Digest::SHA1.hexdigest(guessableUniqueID + salt)
    end

    Python

    import hashlib
    def nonGuessableUniqueID(guessableUniqueID, salt):
    	return hashlib.sha1(guessableUniqueID + salt).hexdigest();

    Node.js

    var crypto = require('crypto');
    function nonGuessableUniqueID(guessableUniqueID, salt) {
      var sum = crypto.createHash('sha1');
      sum.update(email + salt);
      return sum.digest('hex');
    }
    ];
    War dieser Beitrag hilfreich?

    Haben Sie Fragen? Anfrage einreichen
    Zurück an den Anfang

    You may also be interested in:

    Verwandte Beiträge

    • Das Mobile Engage SDK
    • Über Mobile Engage
    • Mobile Engage - Android Oreo Notification Channels
    • Artikel zum Datenschutz und zur DSGVO
    • Mobile Data Collection
    Copyright © 2019 Emarsys eMarketing Systems. All rights reserved
    Legal Notice Privacy Policy Master Services Agreement Anti-spam Policy
    test new search