Do not send sensitive data via
CustomerInfo
, custom_params
, or customer_params
.CustomerInfo
, custom_params
, or customer_params
.
What is CustomerInfo?
Certain calls available via ASAPP APIs and SDKs provide a parameter that supports the inclusion of arbitrary data with the call. We’ll refer to such fields as “CustomerInfo” here, even though in different ASAPP interfaces they may be variously called “custom_params”, “customer_params”, and “CustomerInfo”. CustomerInfo is typically a JSON object containing a set of key:value pairs that can be used in multiple ways by ASAPP and ASAPP customers. For example, as context input for use in the ASAPP Web SDK:Do not send sensitive data as cleartext via CustomerInfo
ASAPP strongly recommends that our customers do NOT send sensitive data using CustomerInfo. If customer requirements dictate that sensitive data must be sent via CustomerInfo, CUSTOMERS MUST ENCRYPT SENSITIVE DATA BEFORE SENDING. The customer should encrypt any sensitive data before sending via CustomerInfo, using a private encryption mechanism (i.e. a mechanism not known to ASAPP). This practice will ensure that ASAPP never has access to the customer’s sensitive data, so that data will remain securely protected while in transit through ASAPP systems. Additionally, ASAPP strongly recommends that our customers use strong encryption. Specifically, we insist that customers use one of the following configurations:- Symmetric Encryption Model: use AES-GCM-256 (authenticated encryption) with a random salt to provide data integrity, confidentiality and enhanced security. Each combination of salt+associated data should be unique.
- Asymmetric Encryption Model: use a key size of 2048, and use RSA as an algorithm. ASAPP recommends setting a key expiration date of less than two years. ASAPP and the customer should both have mechanisms in place to update the key being used. Private keys which are rotated should be retained temporarily for the purposes of accessing previously encrypted data.