End-to-End Messages Encryption ensures only the sender and receiver can read what's sent, and nobody in between. These messages will be stored in the database in the same encrypted form. Only the authorized users of messages can access and decrypt the message. This feature is provided in Channelize.io using Virgil Security.
How it Works?
End to End Encryption involves public and private keys. Each user will be assigned a set of public and private keys. The public key is used for encryption of a message while the private key is used for decryption of a message. A user can have access to the public key of any user as it is only used for encryption only while a user will have access to its private key only. This private key is saved on the authorized user's device in a secured format.
How to Enable?
Channelize provides End-to-End Message encryption using Virgil Security. To enable it, follow the steps below:
On Virgil Security Platform
- Sign up / Sign in on Virgil Security
- In the dashboard, create an Application and then click on E3Kit inside the application.
- Generate Virgil Security credentials for the Application and copy your generated APP_ID, APP_KEY_ID, and APP_KEY.
- Reach out to us at info@channelize if you haven't purchased this Add-on yet.
- Upon add-on purchase confirmation, login to your Channelize.io Application Dashboard and go to Feature Add-ons > End-to-End Encryption and enable it.
- Click on the Edit CTA associated with the End-to-End encryption add-on and save the required Virgil Security credentials copied in Step 3.
- To implement E2EE, each user of your website must be created on your Virgil Application as well. These users are created whenever they log in to Channelize or someone in Channelize application sends them a message. This process of user creation for the first time can affect the performance of your application a little bit if you have a decent number of users on your website.
- Let's say, there are two users Alice and Bob, Alice has used Channelize but Bob has not yet used Channelize. So Alice has been created on Virgil Platform but Bob has not. Now if Alice sends the first message to Bob, We check if Bob has been created on Virgil or not, If not, Bob is registered on Virgil Platform first and then encrypted message is sent to Bob.
- If your website has test users only or have a few users at this time, You can start using E2EE in your application. But if you already have a decent number of users registered on your website, You might need to migrate your users to Virgil Security Platform. To migrate your users to Virgil Security, You need to contact us at firstname.lastname@example.org and we will migrate the users for you.
- Moderating Conversations and Forward Messages functionality wouldn't work properly after enabling End-to-End messages encryption.
- On disabling the add-on previously encrypted messages will remain encrypted in the database and would be shown encrypted in the client applications too.
- Upon changing Virgil Security Credentials, messages encrypted using previous credentials will remain encrypted and couldn't be decrypted using the new credentials. Changing Virgil Security credentials post getting your application live is not recommended.