Sunday, 2 April 2017

Encrypting emails to customers

We are making progress...

The new email library is working, and the accounts systems was updated last week. This was not without some snags. On Friday we had some people unable to open PDF attachments. This turned out to be a quirk with an old exim on the server, which is being replaced soon, and created additional unexpected whitespace in the base64 coding of the PDF. From what I understand whitespace is valid anywhere in base64, so I don't think we were wrong, which explains why the tests with various email clients before hand (Thunderbird, Apple, etc) were fine. It was failing on some Microsoft mail clients though. We fixed that on Friday before main billing run Saturday.

A typo in the fix, or rather after the fix was tested, meant no invoices Saturday, which has been fixed today and all April invoices have now been emailed. One person with an old mutt script broke but otherwise all looking good.

The next step is part of the development work on the KCI system. (KCI is Keep Customer Informed). It will be used for status updates from the control systems tracking orders and faults and appointments. It is not used for invoicing or call recording. However, a key part of the KCI system involves customers registering public keys with us.

Customers will be able to email a public key to us with their email address on one or more of the UIDs. Once done, they will then be able to go to priceless (accounts), or clueless (control pages), and select from one or more public keys we have seen with that email address. That will select the specific key we should use for encrypting email to them.

This should avoid issues with rogue keys that happen to be created with the same email addresses. The customer, once logged in, with any 2FA and so on, will select the specific key to use.

This is important for privacy as invoices can include itemised bills, and call recordings could have sensitive information. The plan is all systems, including the new KCI system, will start using this key management to send encrypted emails, and our existing systems for ordering and faults will move to the new KCI system.

This may take months to complete fully, but should allow a lot more security and privacy for customers.

No comments:

Post a Comment