
Security and privacy requirements

  • Buddies must be able to assign use nicknames
  • The user must enter a PIN or authenticate through specific hardware, such as a fingerprint scanner, every time they open the Yona app
  • In case an attacker gains access to the system, they should not be able to
    • Associate the captured URLs with the people that visited them
    • Build a quantitative understanding of whether a user accomplishes their objectives. In other words: it should not be possible to see how often a user has accessed URLs that conflict with the objectives they have set
    • See which people have signed up for Yona, or what their goals and buddies are.


  • Flow - Sign up: This page describes the flow that a user goes through when signing up for Yona.
  • Flow - Connect to a buddy: This page describes the flow that users go through when connecting to a buddy.
  • Flow - Register a goal conflict: Any time the user visits a page that conflicts with the goals they have set, that conflict needs to be registered and communicated to the buddy. This page describes the different solution alternatives and concludes which one will be taken for implementation.
  • Flow - Add another device: Initially, the user will start running the app on their smartphone. Later, they might want to add a second device (phone or tablet), for instance at the time they want to replace their initial device with a new one. This page covers the flow the user goes through when adding another device.
  • Flow - PIN reset: If strong device authentication (e.g. fingerprint scan) cannot be used for the app, the app will be secured with a PIN. This page describes the flow the user goes through when resetting the PIN.
  • Flow - Recover from device loss: Given that all data on the server is encrypted in such a way that it can only be decrypted with the key that is stored on the secure storage of the device, recovery from device loss requires special treatment. This page describes the flow the user goes through.
  • Flow - Unsubscribe: If a user doesn't want to participate in Yona anymore, they need to be able to unregister themselves. This page describes the flow.
