Charket Data Security

Data security is one of the first few things we seriously considered when we first designed our Charket app. The way Charket protects customers’ data is not to save any customer data at all. Charket is a Salesforce native app that integrates WeChat into Salesforce directly, without having any servers in between. By doing so, we can ensure all the data is secure and achieve the best performance and the highest reliability as well.

The diagram below shows how a request and a response are routed among all points of the entire communication process.

Here are the details on how the data is secured between any two points.

• When a WeChat follower sends a message to an agent, the message first goes from the WeChat app to the WeChat server. The message in this case is encrypted by WeChat. This means even if a WeChat user’s Internet connection is compromised, there is no way the data can be compromised. Below is a quote from WeChat’s help center on how WeChat secures sent/received messages. This help center article can be found at this link.

WeChat securely encrypts your sent and received messages between our servers and your device ensuring that third parties cannot snoop on your messages as they are being delivered over the internet. We do not permanently retain the content of any messages on our servers whether they are text, audio or rich media files such as photos, Sights or documents. Once all intended recipients have received your message, WeChat deletes the content of the message on our servers and therefore third parties including WeChat itself are unable to view the content of your message. To ensure the privacy of your messages, it’s important to make sure that you follow some safety tips. Read more about how to best secure your WeChat experience on all of your devices.

In some cases, you may choose to have your message content either saved to the server or handled by a third-party service partner. For instance, when you select to add a message to Favorites, your message content will be automatically saved to our servers so that the message is available from within Favorites on any device that you log in to via WeChat. You may at any time de-select any message content from Favorites and they will be deleted from our servers. When you long-press a message and select Translate, the message may be translated via a third-party translation service, but the third-party shall not store the content of the message.

• The WeChat server then forwards the message to Salesforce. The message under such circumstance is encrypted by using TLS 1.1 or above. The message is secure not just because it’s encrypted but also it’s transmitted between two data centers, it’s very hard, if not impossible, to intercept such communication.
• Salesforce then forwards the message to an agent’s browser (Salesforce UI). The message in this case is also encrypted by TLS using 1.1 or above. Salesforce is well known for its data security record.
• When an agent’s reply goes back to the WeChat follower, the returned message goes through the same process but in the reverse order. The returned message is protected the same way as how the received message is protected.

Salesforce disabled TLS 1.0 in 2017. All data inbound to and outbound from Salesforce is encrypted using TLS 1.1 or above which is considered safe and strong at the moment and will take infinite resources to crack.

Scan the following QR code with your WeChat app to follow us on WeChat and receive our future articles on best practices for using WeChat for businesses.