Chat / Android
Chat Android v4
Chat Android
Chat
Android
Home
/
Chat
/
Android
/
Message
This is the new Docs for Chat SDK v4 for Android. To see the previous Docs, click here.

Share an encrypted file

This file encryption feature prevents users without access from opening and reading encrypted files that have been shared within a group of users. When this feature is turned on, all types of sent files and thumbnail images are first uploaded to the Sendbird server, and then encrypted by AES256.

In a channel, encrypted files and thumbnail images are decrypted and accessed securely only by the users in the channel. Anyone outside of the channel and application won't have access to these files and thumbnail images. The following explains how this data security works and what to do at the SDK level to apply it to your client apps.

The Sendbird system enables secure encryption and decryption of files by generating and distributing an opaque and unique encryption key for each user. An encryption key is managed internally by the system, and is valid for three days. It is generated every time the user logs in to the Sendbird server through the Chat SDK, which then gets delivered to the Chat SDK from the server.

When the Chat SDK requests an encrypted file by its URL, the auth parameter should be added to the URL to access the file, which is specified with an encryption key of the user such as ?auth=RW5jb2RlIHaXMgdGV4eA==. With the specified key in the auth parameter, the Sendbird server first decrypts the file, then checks if the user belongs to the channel, and finally, allows the user to access and open the file in the channel.

This can be easily done using the fileMessage.url property, which automatically adds the auth parameter with an encryption key of the current user to the file URL, and returns the unique URL for the user.