Being a tool “from developers to developers”, the main concern is the safety and privacy of Notify17’s users’ content.
What this means is that the entirety of users’ generated notifications is encrypted with a private/public key encryption approach. This way, Notify17’s backend knows nothing about users’ generated notifications, and places the ownership of this content directly in users hands.
The end result of using this approach is that users’ generated content is decrypted only on users’ devices, without it ever be visible/decryptable in the backend side of Notify17.
Public/private key pair
Each user owns a specific public/private key pair, generated when the user first registers and enters their encryption password.
- The public/private key pair is generated in memory.
- The private key (
privateKey) is encrypted (
encPrivateKey) with a random encryption key/IV pair (
privateKeyKIVis then encrypted (
encPrivateKeyKIV) with the user encryption password.
encPrivateKeyKIVare then stored in the database.
When Notify17 is then accessed on a client (e.g. the iOS app):
encPrivateKeyKIVare fetched from the database.
- User enters their encryption password, which in turn decrypts:
privateKeyis then stored in a safe keychain.
Example: new content is generated
- A new notification is generated in memory.
- The notification content is encrypted (
encContent) using a random encryption key/IV pair (
contentKIVis then encrypted (
encContentKIV) with the user public key.
encContentKIVare then stored in the database.
When the notification reaches the client (e.g. the iOS app):
privateKeyis retrieved from the keychain.
- It is then possible, on the client, to decrypt:
- The user can see their content.