Data security is a critical component of the Experience Analytics solution. Experience Analytics components employ the following encryption standards to safeguard your customers' interactions with your web application.
The following is a list of key characteristics within Experience Analytics:
- Except as noted below, Experience Analytics components use symmetrical encryption. The same key is used for encryption and decryption operations.
- Custom object identifiers (OIDs) are not used.
- Subject Alternate Names (SANs) are not used.
- SSL library is used to manage all encryption.
Encryption by component
|CX Passive Capture Application server||Web Server Keys are converted into encrypted 160-bit 3DES Experience Analytics ptl formatted keys. Keys cannot be copied or used by another PCA server.|
|Data encryption||For PCA servers pipeline privacy component or the Privacy pipeline agent, any part of the captured data can be encrypted to use either the RC2 or 3DES algorithm.|
|Server communication||By default, the supplied Experience Analytics self-signed certificate/key is
2048-bit. Communication between the PCA server and the Experience Analytics
CX Server can be encrypted with this certificate/key.
Note: SSL traffic between the PCA server and the Experience Analytics CX Server utilizes asymmetrical encryption.
|Session data||The Processing Server (Canister) stores all session data to disk in LSSN files encrypted
Note: Experience Analytics maintains the 3DES keys, which are not configurable through Experience Analytics products.
|Portal and Report server||Portal user passwords are encrypted using 192-bit 3DES.|