Skip to contentSkip to navigationSkip to topbar
On this page

Webchat 3.0 security (Public Beta)


(information)

Public Beta

Flex Webchat 3.0 is currently available as a Public Beta product and the information contained in this document is subject to change. This means that some features are not yet implemented and others may be changed before the product is declared as Generally Available. Public Beta products are not covered by a Twilio SLA.

(information)

Info

Not a HIPAA Eligible Service
Webchat 3.0 is not a HIPAA Eligible Service and should not be used in workflows that are subject to HIPAA.

(information)

Info

This page applies to Webchat 3.0. If you are using Webchat 2.0, see the Webchat 2.0 overview instead.

Webchat 3.0 includes enhanced security measures:


Deployment key shields your account information

deployment-key-shields-your-account-information page anchor

To add Webchat 3.0 to your website, you create a randomly generated deployment key and map it to a chat address in Twilio Console. When you deploy Webchat 3.0, your account information is shielded, because only your deployment code is used. If you ever feel like your deployment key might have been compromised, you can replace it with a new deployment key and chat address.


Fingerprinting prevents spoofing

fingerprinting-prevents-spoofing page anchor

When a user begins a webchat session, Webchat 3.0 records the fingerprint of that browser and device based on a number of characteristics. For details about the specific characteristics that Flex uses to create a fingerprint, contact our support team(link takes you to an external page).

With every chat message that Flex UI receives, that fingerprint is verified. This means that the chat session can't be hacked, spoofed, or intercepted without being detected.


In your deployment key settings, you can specify up to 10 trusted URLs as allowed origins where your customers can initiate a chat. Chat sessions are only accepted from those trusted URLs. By setting these values, you ensure that your chat widget can't be deployed on other websites.

Need some help?

Terms of service

Copyright © 2024 Twilio Inc.