The Kore.ai Platform provides full encryption of bot messages at rest, and in transit.
Encryption of data at rest: All application data at rest in database, Search Indexes and SAN storage is encrypted. Kore.ai uses two sets of keys – a master key and enterprise data keys. Each enterprise is assigned a data key. Enterprise specific data keys are kept encrypted using the master key. The master key is provisioned and stored using HSM backed Key Management Service. Enterprise data keys are rotated periodically or on-demand. Enterprise administrators can manage data keys from the Admin Console.
The administrator also can view the key meta information and rotate the key on-demand if required. The newly generated data key will be used to encrypt the data from that point of time onwards. Application data is encrypted with enterprise data keys using AES-256-CBC (cipher block chaining) implementation with 16-byte random initialization vectors (IVs).
Encryption of data in transit: The Kore.ai Platform also provides full encryption of all bot messages during transit. The Platform uses HTTPS over Transit Layer Security (TLS) using AES 256 standard.