Here’s how to create secure and safe connections with Data connectors.
Identity Verification
For the most secure call, we recommend using ‘Email’ or ‘User ID’ on the People Object to match the user in your system.
Intercom currently only allows you to verify the email or user ID values coming from Messenger. We strongly encourage you to set up and enable Identity Verification.
Protection from data leaks
There are generally two ways data can be compromised:
A user updates one of their own attributes maliciously - For example, setting "user_shopify_id=123", where 123 is a victim's Shopify ID. Then this data is pushed or pulled from Shopify for ID 123, and it gets associated with the malicious user in Intercom.
A user manipulates data in a third party, and a Data connector pulls in compromised data to Intercom - For example, a user signs up for a third party using the phone number of a victim. Then a Data connector queries the third party and syncs that phone number to a people attribute in Intercom. Now the user has overwritten their phone number with the victims.
To prevent this from happening, always test your Data connector first before setting it live to ensure it’s configured correctly.
Key things to look at:
Make sure that your Data connector is returning data relevant to the matched user.
Make sure that your data is being stored correctly in your mapped Intercom attributes.
Need more help? Get support from our Community Forum
Find answers and get help from Intercom Support and Community Experts