We’ve Improved Security In Our App with a Single Sign-On System (SSO)
September 8, 2020 –
We listened to customer feedback and delivered. In the summer 2020 edition of Convert Experiences A/B testing and personalization, we added new features requested by our customers, including a Single Sign-On system that can integrate with tools like Citrix, LDAP, and 0Auth.
Privacy and security are at Convert’s core. Although an unpopular choice in a marketing world where profit drives decisions, we decided to move into a world of data minimalism. We chose to focus on the job and ignore the noise.
Still, it wasn’t automatically a match made in heaven. As a marketing and optimization tool, we need to install a tracking script on our customers’ websites to track if the changes made have any positive effect on the experience of the web visitors and the business goals of the organization. So putting tracking and privacy in one sentence did feel a little off to most people back in 2017.
When we rebuilt the backend to not track with identifiers and batch the visitors in buckets over individual records, we knew it would be impossible to track an individual in our system. We felt that a technology like ours could still provide insights into what people want in terms of design, copy, and pricing, without tracking and collecting personal data. All you need to know is what variation of your experiment someone saw and if they converted, nothing more.
With GDPR, data breaches are a big part of ensuring privacy for users. So security naturally came into focus and Single Sign-On (SSO) became an essential feature.
Some of our customers (for example, Mozilla) have over 2000 collaborators. They manage access to applications using a centralized system, so once people move on to other projects and companies, they want to cut access in a centralized format. That way they don’t have dozens of individual applications to manage the collaborators.
“We’re committed to a better internet,” says Justin Crawford, who leads Mozilla’s website and conversion optimization teams. “We carry that commitment into every decision we make, in our browser products, our new VPN, and everywhere else — even in the way we market our products on www.mozilla.org. Using SSO to manage Convert.com access is one way that we ensure high quality for visitors to the site”.
Even though no personal data (or PII, as it is called in the US) is stored inside Convert’s apps, we did consider that data storage in the strictest legal environment was important. So in 2016, Convert moved all its carbon-neutral data centers to Frankfurt, Germany.
Data does not leave Germany, and so it makes it easier to deal with European legislation. With international privacy laws changing all the time, we can’t predict what comes next, so we’ve decided to keep all data in the most secure and legally most strict environment we could think of. Frankfurt, Germany, surely is that location for us.
With our commitment to privacy, we allow our customers to measure the impact of their changes to web and applications, knowing that their data is secure now and in the future. We made sure that none of the data we store breaks any national and international compliance laws and — most importantly — the trust of our clients’ users.
A better world starts with the customers we select, the tools we build, and how we treat everyone, even when they cannot look under the hood to see how we work. It’s what this world needs and this is how we like to conduct business — don’t do harm and make products that respect users.
Full access, 15-day FREE trial. 80+ integrations with tools like Citrix, LDAP, and OAuth.Start Trial