 "How LINE's engineering team tackles security")
Instant messaging apps are an attractive target for malicious attacks. Understandably so — much of our lives are poured into our conversations with others, including our whereabouts, private information, and photographs.
One such app is LINE. Fresh off the IPO boat, the subsidiary of the Naver Corporation boasts 220 million users.
To support the many new features that LINE has introduced since their IPO, LINE has expended significant resources to construct a scalable architecture that not only supports these features but protects the information transacted each day.
Meet LEGY
At the heart of LINE’s architecture is the Line Event-delivery GatewaY (or LEGY), a custom-built API gateway server that ensures that everyone can use LINE no matter the device or platform.
It was created to support the application-layer protocol SPDY (pronounced speedy) used by the app to safely and efficiently transport messages between users.
More From This Section
End-to-end encryption
E2EE ensures that neither potential eavesdroppers nor LINE can decode (or decrypt) an encrypted conversation.
Messaging uses dedicated, per-user static ECDH keys; in contrast, voice calls are encrypted by ephemeral ECDH keys, which are generated only when a call begins and discarded once the call ends.
Risk Assessment for games
Anyone familiar with game production will understand how treacherous game hackers can be. That’s why part of a platform’s security measures exist to assess risk from hacks. Though not exactly a security risk, gamers often worm their way past an app’s mechanics to manipulate the game.
Crowdsourcing security
As the open-source community has shown, the culture of learning from each other’s experiences and progression goes a long way to improving your abilities and products.