User identity is established through an encrypted access key which always takes place over HTTPS or HTTP (chosen by the administrator or the developer). The privacy of the request sent by the user is guaranteed by the fact that we do not store full parameters.
API method and the country used for the request are the only information stored by GeoAnalytics Builder. This information is used to count API Call consumption and is counted and consolidated for each customer account. The country is stored in order to calculate the royalties fees paid to our data providers, which are different from a country to another.
By default the GeoAnalytics Builder API environment is not restricted. If requested by a customer, the environment can be restricted to one or more specified IP addresses.
Each user has a unique username (email address) and a password used each time a user log-in the contente manager web application (http://geoanalyticsbuilder.maporama.com). A session cookie is issued to store the encrypted authentication information for the duration of the user session. Informations stored are the session ID and the expiration date and time.
GeoAnalytics Builder content manager includes the following security features:
Each customer account has its own logical separate database schema, providing isolation of stored features. Customers database schema backups can be done on a regular basis if customer requests it.
We use data replication in a Master/Slave model to ensure maximum data security and avoid data losses.
Customers are responsible for the use of the content manager application and the use of their data in the application.