Knowledge Base

Privacy & Security

Communication between your app and our API servers

All communication between your application and our API servers is encrypted using industry standard SSL/TLS. There is no option to communicate over insecure channels, so there shouldn't be any room for error on this part.

We recommend that your application uses an SSL/TLS encrypted endpoint to receive this payload in a secure way, but this is up to you and your specific needs.


Communication between our API and worker servers

All communication between our backend servers is encrypted using industry standard SSL/TLS. There is no option to communicate over insecure channels so there shouldn't be any room for error on this part.

Your storage credentials

As part of your setup, we require you to enter the credentials of an Amazon S3 bucket where we will upload the result files from the preview and metadata generation process. These credentials are stored securely using AES encryption.

About your Amazon S3 bucket

As part of your initial setup, you need to provide credentials for a bucket on Amazon S3. This bucket is used to store the resulting files after our servers generate the previews and metadata.

We recommend that you make this bucket write-only. This allows our servers to copy files to it but never read them, which assures you that once we process your files, our servers no longer have access to them.
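One way to check that the credentials you provide really are write-only, as an added example (not FilePreviews' own code): it audits an IAM policy document and reports whether uploads are allowed and which read or list actions are also granted. It assumes uploads need only `s3:PutObject`, which this page does not specify; the bucket name and sample policies are constructed.

```python
import fnmatch
import json

# Actions that let the credential holder read or enumerate bucket contents.
READ_ACTIONS = ["s3:GetObject", "s3:GetObjectVersion", "s3:GetObjectAcl",
                "s3:ListBucket", "s3:ListBucketVersions"]
WRITE_ACTION = "s3:PutObject"  # assumed to be the only action uploads need

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _matches(action, pattern):
    # IAM action names are case-insensitive; patterns may use * and ?.
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())

def _grants(stmt, action):
    if "Action" in stmt:
        return any(_matches(action, p) for p in _as_list(stmt["Action"]))
    if "NotAction" in stmt:  # allows everything except the listed actions
        return not any(_matches(action, p) for p in _as_list(stmt["NotAction"]))
    return False

def audit_policy(policy_json):
    """Return (can_write, read_actions_allowed) for an IAM policy document.

    Only Allow statements are counted; Deny, Resource and Condition are not
    evaluated, so the result errs toward reporting more access, not less.
    """
    allows = [s for s in _as_list(json.loads(policy_json).get("Statement", []))
              if s.get("Effect") == "Allow"]
    can_write = any(_grants(s, WRITE_ACTION) for s in allows)
    readable = sorted(a for a in READ_ACTIONS if any(_grants(s, a) for s in allows))
    return can_write, readable

# Constructed sample policies; "example-previews-bucket" is a placeholder name.
WRITE_ONLY = '''{"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
  "Action": "s3:PutObject",
  "Resource": "arn:aws:s3:::example-previews-bucket/*"}]}'''
TOO_BROAD = '''{"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
  "Action": ["s3:PutObject", "s3:Get*"],
  "Resource": "arn:aws:s3:::example-previews-bucket/*"}]}'''

if __name__ == "__main__":
    for name, doc in (("write-only", WRITE_ONLY), ("too broad", TOO_BROAD)):
        can_write, readable = audit_policy(doc)
        print(f"{name}: write={can_write} read={readable or 'none'}")
```

A policy passes when the first value is `True` and the second is an empty list; wildcard grants such as `s3:*` or an `Allow` with `NotAction` show up as read access.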


Intermediate files

In the process of generating previews and extracting metadata from your files some intermediate copies are created on our worker servers. This is unavoidable since our servers need to be able to read the files to produce previews and metadata from them.

Once your previews are generated we copy the resulting files to your Amazon S3 bucket. That includes all generated images and a JSON file with the metadata you requested. Once that's complete we immediately and permanently delete everything from our servers. That includes all original files, intermediate files and result files.

Since the resulting products are files, we don't store any of them in our database. We only store file name, size, type and other statistics to help us monitor and improve the service. None of your file content is persisted in any of our databases at any point.

Storing your files

We don't permanently store your files on any of our servers. Once you request a preview, it will be queued for processing. Processing starts by downloading the file, generating thumbnails and metadata, uploading to storage, notifying via webhook, and then we immediately delete the original and all generated files. We automatically save all uploaded files directly into your custom storage.

To make it easier to get started, if you haven't put in your custom write-only storage credentials we will store your result files on our servers, but as your usage increases we will kindly ask you to move to your own storage. This storage is meant for development environments and contents might be deleted without notice. Essentially, if you are going to release your product to a production environment, you should add your own storage credentials.

Reporting bugs

We take security very seriously. Thank you for taking the time to responsibly disclose any issues you find.

All security bugs in FilePreviews should be reported by email to [email protected]. This list is delivered to a subset of the Blimp team who handle security issues. Your email will be acknowledged within 24 hours, and you'll receive a more detailed response to your email within 48 hours indicating the next steps in handling your report. You can encrypt your email using our public key.

This email address receives a large amount of spam, so be sure to use a descriptive subject line to avoid having your report be missed. After the initial reply to your report, the security team will endeavor to keep you informed of the progress being made towards a fix and full announcement. These updates will be sent at least every five days. In reality, this is more likely to be every 24-48 hours.

If you have not received a reply to your email within 48 hours, or have not heard from the security team for the past five days, there are a few steps you can take:

  1. Contact the current security coordinator (Giovanni Collazo) directly.
  2. Contact the back-up contact (José Padilla) directly.
  3. Send a DM on Twitter to @blimp.

If you have any suggestions to improve this policy, please send an email to [email protected].