Securing Customer Identification

Security

If required you can enable secure customer authentication in the Intilery system (Settings within the UI), enabling this requires you to provide a shared secret in the form of a Hashing Salt.

Enter a shared salt string in the Authentication Salt property shown above

To use the Intilery Authentication mechanism, you must provide authentication tokens along with any event that contains the customers email address.

Tokens are made up of the user's email address, the current UTC time in milliseconds (unix timestamp) and a Salted MD5 hash of the timestamp string.

This token is valid for 5 minutes after creation.

  • Auth.Time : UTC Unix Timestamp
  • Auth.Token: MD5(Email + Timestamp + Salt)

Example:

Email = "me@example.com";
Auth.Time = 1415260093920;
Salt = “this_is_a_salt_string”;
Auth.Token = MD5("me@example.com" + “1415260093920” + salt);

To provide the Authentication token along with an event that contains the customer’s email, the following is required:

_itq.push(["_trackUserEvent", "sign in",
	{
		"Customer": {
				"Email" : "String Value"
		},
		"Auth": {
			"Time" : "1415260093920",
			"Token" : "1b3ed523be3a50ba5c8fcc3c2347c449"
		}
	},
	"Sign In"
]);

Still need help? Contact Us Contact Us