You want to obfuscate or secure the attributes in the URL, we suggest you use two methods:
- Base64 encoding to limit the visibility of attributes in the URL;
- AEAD method (authenticated encryption with associated data) to simultaneously ensure the confidentiality and authenticity of the data.
We recommend that you forward this article to the teams who manage the integration of data into your external email or SMS sending tool.
Base64 encoding method
We suggest that you use base64 encoding your attributes if you don't want the recipient to view this information.
This solution is suitable for its simplicity of implementation but is not a solution which offers an additional level of security, unlike the AEAD encryption method described below.
The procedure for base64 encoding the url parameters is as follows:
- Encode the attribute-type parameter string in base64 d:attribut1=valeur1&d:attribut2=valeur2&d:attribut3=valeur3
- Pass the encoded string in a new named parameter: qse64
Please note that the base64 encoded string must contain attributes only, do not encode the "value" and "lang" parameters.
AEAD encryption method
We suggest you use the AEAD method (authenticated encryption with associated data) which simultaneously ensures the confidentiality and authenticity of the data with the approach called Encrypt then MAC (EtM). Using one key to encrypt the payload (encryptkey) and another key for the MAC part (authkey) to ensure data integrity.
- Generate the 2 keys from your MyFeelBack account
- You create the payload in JSON format containing the business data (Attributes).
- You encrypt with AES-CBC using the encryption key (256 bits), a block of size 128 bits, and PKCS7 padding mode then you generate an Initialization Vector (IV) according to the size of the block (128 bits) and finally you encrypt the JSON payload with the encryption key and the IV.
- You create a signature for the resulting ciphertext. For this we can use HMAS-SHA256 and the authkey. Determine the HMAC by hashing the concatenated IV of the ciphertext. HMAC = HMAC-SHA256 (IV + ciphertext)
- Encode IV + ciphertext + HMAC in base 64: base64_payload = base64 (IV + ciphertext + HMAC) Finally, since base64 can contain characters like / and +, it will be necessary to URL-encoded the encrypted and signed payload obtained before adding it in the questionnaire url.payload = urlencode (base64_payload)
- URL of the questionnaire to be included in the email template: https://room.myfeelback.com/webistes/xxxxxxxxxxxxxxx?p=<payload>
Key generation procedure
To access the keys, you must authenticate at the back office of the solution (HTTPS).
Your user must have “Account Settings” rights.
You will find your key by going to Settings from the side menu.
In the Broadcasts category within your settings, choose "Encryption".
If the key pair has never been generated then the user can click on a "Key Generation" button. In this case, the MyFeelBack system generates the key pair. The user can thus copy paste and use them elsewhere.
A MyFeelBack account can only be associated with one key pair at a time T. A key pair can be revoked on request by contacting MyFeelBack support. If the key pair is revoked then all links generated before the revocation containing data encrypted with that key pair will be invalid. A new pair can then be generated according to the procedure described above.