Security, data ownership, and access control are critical to any chat application—which is why PubNub built its Data Stream Network around these core tenets.
PubNub has security measures at the network, message, channel, user, and key level, spanning multiple categories:
- Encryption: PubNub supports point-to-point network TLS encryption and end-to-end AES message encryption. This is critical for medical and financial chat applications. In this case, PubNub will not have access to message data.
- Authorization: The PubNub Access Manager provides granular read and write access control with optional expiration and the ability to revoke permissions. Access can be controlled for individual users and specific channels.
- Message Validation: PubNub Functions allow messages sent by untrusted clients to be validated before they are accepted into message history or transmitted to other users. For example, profanity can be sanitized in transit, spam can be rejected or some users can be rejected.
- Legislative: PubNub is HIPAA-compliant, ensuring all legal requirements are met for transporting medical data. PubNub is also EU-US Privacy Shield-compliant, and supports geographical limitations on where messages are stored.
- Attack prevention: No inbound open ports are required. All connections to PubNub are outbound from the client. Additionally, PubNub has intelligent data center routing in place to thwart any regional attacks.