Regarding Mobile Apps with Hard-coded API Keys

A security report recently announced that Android and iOS apps were discovered to contain hard-coded Twilio credentials, meaning the data from the associated Twilio accounts were potentially at risk of exposure to bad actors. The Twilio platform itself remains secured and un-compromised, and we have no evidence that data from any of the apps was accessed by an unauthorized party. Nonetheless, we’d like to offer our… Read More

Twilio and “Friend-to-Friend Invitations”

Many apps nowadays send out invite messages to a user’s contacts in order to get that user’s friends on the platform — I mean, hey, if your user thinks your product is cool, why not encourage them to tell their friends about it? Apps that do friend-to-friend invites typically access the end user’s contact list to find phone numbers of  their friends and partially or fully… Read More

It’s About Trust: Twilio’s New Transparency Report

  The trust you place in Twilio for your vital communications is of paramount importance. The purpose of Twilio’s transparency report is to provide the visibility you deserve and expect from a cloud service. Twilio Transparency Report – Second Half of 2016 The objective of Twilio’s semi-annual transparency report is to inform you of the total volume of government requests for information received by Twilio, how… Read More

Integrating Social Impact Into Your Company: How Twilio.org Pledged 1%

A lot of people think about social impact initiatives as purely philanthropic, a side project a company takes on to give back, something that is separate from the financials and commercially driven initiatives of a business.  In Twilio.org, Twilio’s social impact program, we don’t take this approach.   In the past three years since launching Twilio.org, we’ve learned that social responsibility must be as critical to… Read More

Why We Support User Privacy

Twilio is proud to stand with Microsoft in defense of user privacy. Trust and transparency are pillars of what cloud service providers like Twilio offer to our developers, customers and end users. You rightfully expect us to protect your privacy, sensitive data and personal information. Microsoft has filed a suit in federal court to challenge the practice of government agencies issuing blanket nondisclosure orders when issuing… Read More

Testing SDKs at Twilio

The SDK Engineering group at Twilio is responsible for building and maintaining two real-time communications products – Twilio Client – a set of web and mobile SDKs for making and receiving VoIP calls, and Programmable Video – a set of SDKs for adding video chat capabilities to developers’ apps. We’ve seen first-hand how the testing requirements for building video SDKs differ vastly from those for typical… Read More

Why We Support Individual Privacy and Security

Data scientists, cryptographers and cybersecurity experts, including those who work for the U.S. government, stress how important it is for software developers to practice  “security by design.” In other words, as builders, we’re responsible for considering security from day one of development. This is why, in light of the Apple v. Lynch case, we have serious concerns about deliberately weakening secure communications. Doing so puts the… Read More

Lessons From Germany: Communicating with Customers

Powering modern communication is what we hang our hat on. That means giving you the tools to build instant, context-driven, interactive communications into the apps that interface with your customers. It also means customizing that experience in every region where you do business so that you portray a local familiar brand. This was the idea behind commissioning a small survey in a not-so-small country where we… Read More