I'm considering using Dialogflow in my company but I am not fully convinced about security issues. Does anyone of you know if Google stores any input data that comes from users? In particular, any sensitive personal data?
Thank you in advance!
Best,
Marcin
Nothing like this is mentioned anywhere. To be entirely safe though, I'd suggest to have a look at the DialogFlow Enterprise version. It's under the GCP so all the data are certainly safe and private.
To prevent sensitive personal data being stored, you can disable interaction logging entirely within your Dialogflow agent's settings. See Interaction logging.
Related
New to AdMob and trying to understand compliance as it relates to providing and deleting collected user data to a user upon request from purely programming standpoint.
In my research, it appears that there is an API for the user to at least delete the data. https://developers.google.com/analytics/devguides/config/userdeletion/v3/ being the most helpful so far though not specifically particularly helpful in code examples. This would probably be accomplished either by the developer using the client ID manually or via the developer's app -> user deletion API.
Assuming one of the two approaches is the proper way the industry is currently handling this, how is this typically handled in Swift (ideally via SwiftUI not UIKit but I can follow along either way)? Please note I am not asking how to set up AdMob in general, or how to use UMP to provide GDPR consent, or what anything related to legal/compliance beyond programming.
If there is some other, more preferred option, please let me know that as well.
Thus far I have researched the differences in client ID and user ID from an end user perspective. Code-wise, I am unsure where to start until understanding which approach to take as dictated by the answers above. I have also looked into exposing the client ID vs various items that might be used as a generic device ID but am unsure how best to obtain this as well.
Thanks!
I have a use case in which we need to transfer funds from our merchant account to our customer local bank.
I found paypal legacy api which says it can make ach transfers.
I want to know how secure is using this legacy api and whether this is supported anymore or not.
Any suggestions will be greatly appreciated.
Yes, it still works fine and will continue to work for a very long time. Too many solutions up-and-running on it for them to dump it, and it's also still much more mature (loaded with more features) than REST. They continue to add new features, too, so for REST to catch up it's going to a while.
REST API still needs lot of features, so I don't think that they will shut Classic API down soon.
I'm looking for an eCommerce web-server/cart solution that doesn't store personal data such as login, passwords, payment information locally. Instead it should store it a on a remote server that couldn't be accessed in case of a security breach.
I know it might be the wrong place to ask a such a question, but honestly I can't think of a better one.
Depending on your requirements Stripe for payment information or Moltin for cart/orders might be worth looking into. Not sure if these fit what exactly you are looking for though.
I decided to look into using Google Identity Toolkit. I knew I liked the UI, and the idea of using a "federated" login system. I'm now having my doubts, as while my site works well with gmail/ymail/hotmail etc, it doesn't seem to support any of the social platforms.
Essentially, I just need an email address from people to be registered with the site, so I thought GITKit was the perfect solution.
Should I have gone down a custom route (like stackoverflow?), or have I missed some of the GITKit documentation?
Any help would be much appreciated.
I did do a fair amount of googling prior to posting that question. However, I have come accross some answers. Rather than delete my post - I guess I should share the information. If others thought the information was clear, please delete this thread!
Firstly, there is a page identifying how to add custom IDP's: https://sites.google.com/site/gitooldocs/customidps
There is also a sample site (http://www.openidsamplestore.com/localmapping/) which uses facebook.
How does the advanced demo work for identity providers who are not
E-mail providers, such as social networks?
The hardest part about
designing the advanced site was to find a way to handle all the
edge-cases that can happen with these types of identity providers.
Google previously published a summary of best-practices for
account-linking that describes why these types of identity providers
are so much harder to support. However this demo provides a user
self-service mechanism for all the tricky cases to avoid the costs
that a website might otherwise occur if those users contact a customer
support representative.
Finally, a best practices run-down is available here:
https://sites.google.com/site/oauthgoog/UXFedLogin/loginlogic
EDIT 1 :
If that identity provider asserts email addresses that it does not
host, we suggest you also implement additional account linking logic.
A future version of GITKit will add support for these type of
identity providers, such as social networks, which will avoid the need
to implement that logic
Perhaps GITKit is the future after-all... Would be nice to have an idea of the time-frame in which this support will be added though...
EDIT 2 :
Direct from the horses mouth (Eric Sachs # Google - Source Link):
That feature is not expected to be generally available in 2011. We
are shooting for Q1 2012
Looks like someone got it working back in Dec 2011 but there is still an outstanding issue with mapping the id returned to an email address. It was probably resolved:
https://groups.google.com/forum/#!searchin/google-identity-toolkit/facebook/google-identity-toolkit/2218yW4zXw8/28X7btJEh_sJ
Here is the documentation for the sample store including brief info on basic, mobile and advanced mode (using facebook):
https://sites.google.com/site/oauthgoog/Home/openidsamplesite
An out-of-the-box IDP for facebook and twitter has not yet been released.
I understand that apple no longer allows me to send "device data" to third-party services. As a result of this, Flurry and presumably every other analytics company no longer collects OS/hardware version data. However, this data is very valuable to anyone trying to target development toward the people who are actually using the apps.
I can imagine a few different ways to collect this data.
1) Send a custom event indicating the hardware/os version to Flurry. This, of course, is in direct violation of the agreement with Apple. However, I suspect plenty of people are doing this, and just not getting busted. Still, not an ideal solution. Even if Apple didn't notice that we were sending this data, I'd rather not have the possibility of the app getting pulled hanging over my head.
2) Use an analytics package which allows me to collect data on my own server. Localytics is one company which seems to offer this. However, I don't think they offer this with their free plan. Is anyone aware of any free (or cheap) analytics tools which will allow me to send data to my own server?
3) Roll my own solution. This could either be an entire replacement for Flurry, or I could continue to use flurry, but send only the device data to my own server. This is a little clunky. I'd much rather have all my analytics data in one place. And would much rather not have to deal with building my own tool if I don't have to
So, is anyone else collecting device data? Are you using one of the above techniques? Or maybe something different I hadn't thought of?
Hi maybe "Testflight Live" could help you.
As far as I know Testflight is allowed by Apple.
https://testflightapp.com/sdk/live/
I've heard of people using UIWebViews to connect to a webpage with a counter. The counter is incremented each time a page is accessed, and the pages are separated by feature/UIView. This way the developer can tell which features get the most usage.
As far as device data, you most likely are looking at rolling your own tracking mechanism, probably going through a server like Google App Engine that's set up to receive your data.
I made this an answer so I could continue to check back, because I'd like to know some more info as well. I voted up your question and favorited it
Good luck, sir