Microsoft Bot Framework Privacy/Encryption

0
votes

On looking at privacy for the bot I built using Microsoft Bot Framework I noticed this:

to provide the I/O service, the Bot Framework transmits your message and message content (including your ID), from the chat service you used to the bot.

I'm concerned about any messages that are sent to my bot being sent in the clear. Has anyone considered and/or implemented encryption in order to maintain the privacy of the messages in their bot? Or does anyone have any other solution?

1
node.jsencryptionbotframework
I don't know much about the Bot Framework but I can almost guarantee it uses TLS for communication. Everything will already be encrypted.Luke Joshua Park
what channel are you planning on using?D4RKCIDE

1 Answers

0
votes

When you register your chatbot, it requires an https endpoint. So, your message won't be sent in the clear. Additionally, you must generate an API key and a private password key for secure access to your chatbot so that only the Bot Connector can communicate. Make sure you secure your private keys so no one else can access your chatbot.