Bubble is the leader in NoCode. It is the best way to build webapps without code. Bubble is the most powerful no-code platform for creating digital products. Innovative companies like Zendesk, Lyft, Loreal use Bubble to create webapps.
Also, anyone accessing a Bubble account can view sensitive data in plain-text, introducing liability if that data is leaked or stolen.
Bubble logs sensitive data, including API Keys on servers. So, from a security and compliance perspective, that violates security best practice recommended by compliance and privacy laws.
How does Strac protect Bubble customers?
Strac launched a Bubble plugin and you can see the launch post on Bubble forum. Strac is HIPAA Compliant and will sign BAA agreement with customers who want to secure their sensitive PHI (Personal Health Identifiable) data.
Use Strac Bubble Plugin
Strac has built a Bubble Plugin that makes it easy for Bubble developers to collect and display sensitive data and send data to third-party partners if needed. Strac Bubble Plugin does the following:
To Collect Sensitive Data
Strac uses widgets (iFrames) on the front-end where Strac's widget will collect data. Due to iFrames, Strac can never access data residing on Customer's page, and vice-versa, the Customer can't access Strac's data residing in the iFrame. This security isolation ensures that Bubble never sees sensitive data during collection.
Strac will store sensitive data in its secure vault and generate tokens for the sensitive data.
In both cases, the Strac widgets are highly customizable.