hackforla / not-today


Tech Research #7

Closed (myastark closed this issue 4 years ago)

myastark commented 5 years ago

Overview

The notifications need an option for security that works with the following circumstances:

- User may not be able to recall a passcode while dissociated.
- There is no user account remotely storing a password to be emailed.
- If someone physically has the user's phone, they shouldn't be able to figure it out.

Action Items

Methods used by domestic violence apps may be a good starting place.

Resources/Instructions

H1Angela commented 5 years ago

Given the type of service, HIPAA rules apply here. But the good news is we don't have to encrypt ALL the code, just sensitive information that is personally identifiable. Info such as name, email, and phone numbers etcetera. That type of data has to be placed in a different encrypted server with very limited access.

myastark commented 4 years ago

- How do you back up your data without an account?
- What happens if you reset your phone?
- How can it communicate with other apps?
- Can syncing the phone with your computer save it?
- Can a notification have 3 options: View Note, Have SI Dismiss, Don't Have SI Dismiss?
- Mute the app.
- Geolocate places you don't want to have notifications.

nickgieschen commented 4 years ago

So, after some cursory research, here's what I've got:

1. How do you back up your data without an account? My suggestion is to encrypt the user's data and let them save it to some cloud storage vendor (Google Drive, Dropbox, etc.). We can make this pretty seamless for the user. That is, we can pick a few of the most common storage solutions (Google Drive, Dropbox, OneDrive, iCloud, etc.) and give the user a login screen for them. Once the user has logged in, the app will be able to save the user's data to their external storage. Every time the user changes something, we update in the cloud storage. In terms of privacy, we would encrypt everything so it would only be decryptable inside the app.

2. What happens if you reset your phone? If 1, then as long as they can log into the cloud storage, they can bring in all their previously saved data.

3. How can it communicate with other apps? I forgot what the issue was with this. If it is, "can other apps spy on the app?", the answer is no. Apps are pretty securely sandboxed on both iOS and Android.

4. Can syncing the phone with your computer save it? iOS: App data can be automatically backed up to iCloud or iTunes. In many instances, users might not really realize this is happening. Users can turn this off on an app by app basis. iCloud backup information is encrypted in transit and at rest; however, Apple does theoretically have the ability to decrypt the data on the server. iTunes is not encrypted, unless the user opts in.

Android: App data can be automatically backed up to Google Cloud. In many instances, users might not really realize this is happening. Users can turn this off on an app by app basis. If the user uses a PIN, pattern, or password screen lock instead of a swipe or Smart Lock, their data will be end-to-end encrypted, and unlike in the Apple scenario, Google can not decrypt the data on the server.

5. Can a notification have 3 options: View Note, Have SI Dismiss, Don't Have SI Dismiss? iOS: We can (and should) respond to a tap on the notification itself. Additionally, we can add 4 buttons.

Android: We can (and should) respond to a tap on the notification itself. Additionally, we can add 3 buttons.

6. Mute the app: Yup, we can mute the notifications. We could give options to mute for x amount of time as well as until y date.

7. Geolocate places you don't want to have notifications. As long as the user gives the app location permissions, we can mute notifications based on location.

8. Can we hide the existence of the app on the device? iOS: We can give the user a number of icons to choose from. E.g. make it look like a crossword puzzle app. We can't change the app name.

Android: It's going to take some experimenting to see if we can do as above. However, users can change app icons and there are third party apps out there which make this easy. If we can't give the user a choice of icons from within the app, we can at least inform them it's possible and walk them through doing it with a third party app. We can't change the app name. In both cases, the name of the app will be available in places like notifications, settings, etc.

nickgieschen commented 4 years ago

9. Can our app launch another app within the device, e.g. Not Today wants to launch Spotify? iOS: Yes. Android: Yes.

Docs for Spotify deep links here

myastark commented 4 years ago

10. How do we minimize the amount of data storage used? If something the user wants to add already exists on the phone (like a photo from photo album) how does Not-Today work with it?

11. How could we possibly get data for a useful KPI from this if it doesn't communicate with us? Idea: Sporadically ask user for permission for app to email a zip file of the SI tracking log to us.

myastark commented 4 years ago

@nickgieschen I just changed the name of the issue and we can keep continuing questions here.

nickgieschen commented 4 years ago

10. How do we minimize the amount of data storage used? If something the user wants to add already exists on the phone (like a photo from photo album) how does Not-Today work with it?

We can compare the hashes of images, audio files, etc. to the ones we're already storing in the app to ensure we're not duplicating them. If we want to be more sophisticated and check for images that may have been resized, rotated, or whatever, we can do this too. This isn't an issue I'd worry too much about though.

11. How could we possibly get data for a useful KPI from this if it doesn't communicate with us? Idea: Sporadically ask user for permission for app to email a zip file of the SI tracking log to us.

To collect data, we could have the app send data to a Google Analytics account. We could assure the user that the data is anonymized.