November 25, 2020
When you use Little Futures, you entrust us with private information so we can create your child’s invitation (their name and age, plus the date, time and address of the party). It is therefore vitally important to us that your shareable invitations are only accessible to your guests!
This post is an attempt to show the thought and care that goes into how we design the Little Futures application: making sure your data is secure while also making the system as simple to use as possible.
Security is often in conflict with usability. One simple way to ensure that only guests can access an invitation is to require the parent to enter a list of permitted email addresses. Guests would then have to create an account on Little Futures, and only if their email matches would they be allowed to see the invitation.
This approach is secure, but not particularly usable. The parent has to enter a long list of emails (what if they only know someone’s phone number?), they need to know all the guests’ emails, and each guest must create an account (extra effort, plus what if they use a different email?).
Little Futures is competing not only with other invitation providers, but also with any alternative choice a parent might make when preparing a party. For this reason we want to make sure that every process is simple. So what if you could just send a link?
Sharing a link is far simpler. You can email, text, WhatsApp, or even write it in a letter! A simple implementation would look like www.littlefutures.org/events/7344, where 7344 is the id of the event. This is a far more usable approach; however, there is a security concern. A malicious user could attempt to iterate through all event ids and try to find other events! We protect against this in 3 ways:
Incremental numbers are easy to guess. If you know there’s an event with id 7344, you can easily guess that other events may exist for 7343, 7345, etc. Instead of this, when an event is created we generate a random alphanumeric id (e.g. 3KE3). Because they’re random, there is no way to know what comes next (3KE3 doesn’t mean the next event will be 3KE4). In addition, a 4-digit id only has 10,000 combinations (0 to 9999), whereas a 4-character alphanumeric id has 1,679,616 combinations! We added a few further tweaks to aid usability:
As soon as an event ends, the invitation becomes private and cannot be accessed even if you know the URL. We only want to show the event information for as long as it is relevant, and it is good security practice to make it private as soon as it is no longer helpful.
We monitor all logs, and if we detect that a user is trying to guess event URLs, we will proactively block them. This has not yet occurred, but we are prepared if and when someone tries to.
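The three protections above can be sketched together in a few lines. This is an added example, not Little Futures' own code; it assumes an alphabet of uppercase letters and digits (36 symbols, which matches the 1,679,616 figure), an in-memory event table, and a hypothetical threshold of three distinct unviewable ids per client before blocking.

```python
import secrets
import string
from collections import defaultdict
from datetime import datetime

# Assumption: uppercase letters + digits, 36 symbols, so 36**4 = 1,679,616 ids.
ALPHABET = string.ascii_uppercase + string.digits
ID_LENGTH = 4
MAX_MISSES = 3  # assumed threshold of distinct unviewable ids per client

def new_event_id(existing):
    """Draw ids from the OS CSPRNG until one is unused; no sequence to follow."""
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(ID_LENGTH))
        if candidate not in existing:
            return candidate

def can_view(events, event_id, now):
    """An invitation is visible only if it exists and the event has not ended."""
    ends_at = events.get(event_id)
    return ends_at is not None and now < ends_at

def clients_to_block(requests, events, now):
    """Flag clients that asked for more than MAX_MISSES distinct unviewable ids."""
    misses = defaultdict(set)
    for client, event_id in requests:
        if not can_view(events, event_id, now):
            misses[client].add(event_id)
    return sorted(c for c, ids in misses.items() if len(ids) > MAX_MISSES)

# Constructed sample data: event id -> end time, and (client, requested id) pairs.
NOW = datetime(2020, 11, 25, 12, 0)
EVENTS = {"3KE3": datetime(2020, 12, 5, 17, 0), "Q7ZP": datetime(2020, 11, 1, 17, 0)}
REQUESTS = [
    ("203.0.113.9", "3KE3"),   # guest opening a live invitation
    ("203.0.113.9", "Q7ZP"),   # guest revisiting an ended event: one miss
    ("198.51.100.4", "AAAA"), ("198.51.100.4", "AAAB"),
    ("198.51.100.4", "AAAC"), ("198.51.100.4", "AAAD"),
]

if __name__ == "__main__":
    print("keyspace:", len(ALPHABET) ** ID_LENGTH)
    print("new id:", new_event_id(set(EVENTS)))
    print("block:", clients_to_block(REQUESTS, EVENTS, NOW))
```

Counting distinct misses rather than total requests keeps a guest who reloads one stale link several times from being blocked.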
Birthdays, Christmas or any of your child’s special occasions: create an invite with Little Futures and send it to your guests. We’ll ensure it’s simple and secure!