Message content, including body and media, are deleted by WhatsApp from the containers once the message is received by the business. In addition, WhatsApp currently stores non-Twilio phone numbers indefinitely in its container infrastructure, even if Phone Number Redaction is enabled and Twilio has obfuscated the last four digits of non-Twilio numbers in its systems.
Messages may go undelivered if the end user’s device is turned off or if the user has blocked the business. If a message is undelivered, WhatsApp’ container system may keep the message while it retries delivery, but no longer than seven days.
Message content, including body and media, are deleted from the WhatsApp containers as soon as there is an acknowledgment that the message was delivered. The impact of these differences on how messages are transmitted is explained below. Twilio has very limited controls over how data is managed inside WhatsApp containers. Containers are hosted by Twilio, but WhatsApp is responsible for the containers. WhatsApp containers: Messaging through the WhatsApp Business API requires the use of container infrastructure.24-hour sessions: Twilio keeps track of WhatsApp’s sessions for billing purposes.When Message Privacy features are enabled, WhatsApp messages flow through Twilio in the same way as SMS/MMS messages do, with two differences: This gives the customer’s applications time to access the associated files. The media is retained for seven days to give the recipient time to click on the media link.įor inbound MMS messages, Twilio will delete media files after 24 hours. During this time, Twilio processes the messages for hand-off to the carrier/provider.įor outbound (“pseudo”) MMS messages (outside the US and Canada), Twilio’s MMS Converter feature converts the original MMS to an SMS with a link to the media file. When Message Privacy is enabled, the direction and location in which an MMS (media message) are sent affect the length of time before the redaction of its associated media.įor outbound MMS messages in the US and Canada, Twilio deletes the media after a 15-minute period. Twilio redacts the sensitive phone number and body information on incoming messages before the message is saved for billing, debugging, and other long-term storage purposes. To avoid the potential loss of message data due to redaction, it is best to set both the primary and fallback webhooks for incoming messages. If the request to your primary webhook fails, Twilio tries the fallback webhook. Twilio stores the message up to six hours for disaster recovery purposes while it attempts to pass along the message information in the form of an HTTP request to your customer-defined A message comes in webhook. Twilio receives an inbound SMS/MMS message from the carrier/provider. In the Post-transit stage, the message with redacted information is held for long-term storage, billing, and debugger notification purposes. Once the provider acknowledges receipt of the message, Twilio stores the sensitive information for up to six hours before redaction. Once an outbound SMS/MMS message is sent via Twilio’s API, it will be retained in the queue for up to four hours, depending on message volume.ĭuring the In-transit phase, Twilio sends the message to the carrier/provider and waits for an acknowledgment before redacting the message body and phone number. For more information about WhatsApp message redaction, please continue to the next section. SMS/MMS and WhatsApp redaction vary slightly in implementation. Phone number redaction will obfuscate the last four digits of the non-Twilio phone number in the message request. With message body redaction, you ensure that Twilio never retains message bodies that may contain sensitive information.
REDACTED EMAIL MEANING HOW TO
This guide shows you how to set up your Twilio account correctly for content and phone number redaction, and includes code samples that retain this information at an individual message level. Privacy and anonymous communications may also be a value proposition for your application.
If you are building for highly regulated industries, such as health care, financial services, and education, content redaction may be required to ensure your application’s regulatory compliance. You can enable this privacy feature at the account level so that Twilio does not retain sensitive customer information by default. With Twilio’s Message Redaction feature, you protect customers’ messaging privacy by redacting the message body and phone number. Protect Communication Content and User Identity with Message Redaction