Frequently Asked Questions - Security and Privacy

How secure is mesibo?
I think I found a privacy/security issue in the mesibo APIs, what should I do?
Can I host mesibo on my own servers?
What if I do not want my user data to go through your cloud servers?
I am using my own encryption. Can I disable default security?
Due to GDPR, can you guarantee that the location of the server is in the EU?
Is mesibo HIPAA compliant?
Does mesibo meet EU GDPR requirements?

How secure is mesibo?

mesibo is one of the most secure real-time communication platforms in the world. mesibo messages and calls are end-to-end encrypted. mesibo offers the world's most powerful end-to-end encryption algorithm. You can read more about it here and an article here.

In addition, mesibo uses the latest Transport Layer Security (TLS) to secure communication. mesibo also provides an API for additional custom end-to-end encryption and key exchange on top of the default encryption which allows changing the encryption key for every message exchange and even mesibo servers cannot read those communications.

I think I found a privacy/security issue in the mesibo APIs, what should I do?

mesibo prioritizes data privacy and security as paramount concerns. The mesibo platform undergoes rigorous testing, encompassing hundreds of test cases dedicated to privacy and security, establishing mesibo as one of the most secure platforms available today.

To further protect our platform users, we extend an invitation to security researchers worldwide, including you, to participate in our Bug Bounty Programopen_in_new. We offer a generous monetary reward for qualifying issues as part of our ongoing commitment to maintaining the highest standards of security.

Can I host mesibo on my own servers?

Absolutely, mesibo offers On-Premise solutionopen_in_new which you can download and run in your own data center or private cloud. All the messages and calls route through your own servers and are saved in your own database. So unlike other services, Mesibo On-Premise gives you ultimate control and conformance to stringent data compliance and privacy requirements (GDPR, HIPAA, etc.).

What if I do not want my user data to go through your cloud servers?

Please refer to the previous answer.

I am using my own encryption. Can I disable default security?

There is no need to use your own encryption. mesibo encryption is the strongest in the industry. We earlier provided an API setSecureConnection to enable or disable the encryption. However, we no longer support that API. All communication is now encrypted and secure by default.

Due to GDPR, can you guarantee that the location of the server is in the EU?

Yes, we can offer you servers located in Germany.

Is mesibo HIPAA compliant?

Yes, mesibo is HIPAA compliant. You can download the entire mesibo platform on your own data center or private cloud so that you control and manage all your data. This made mesibo the preferred choice for financial institutes, telemedicine, and all other apps that care for their sensitive business and user data and their privacy.

Does mesibo meet EU GDPR requirements?

Yes, mesibo is compliant with EU GDPR. On request, mesibo can restrict all your data to be stored and pass through EU based servers only. You can also download the entire mesibo platform and host it in your own data center or private cloud.