High5.ID Security Statement
Last updated: 2020 10 13. Effective Date: 2020 10 13
o Credentials and associated licenses enabling an ORGANIZATION to operate HIGH5
o A formal agreement between HIGH5.ID COMPANY and the ORGANIZATION
· CONTRACT COMPLETION
o The moment when a contract between HIGH5.ID COMPANY and an ORGANIZATION terminates
o A computing device, including mobile phone and desktop systems.
· DIY CAPTURE PAGE
o A web page enabling an INDIVIDUAL to “Do It Yourself” capture a photograph and other information, for example to create an ID card or a yearbook mug shot
· HIGH5.ID COMPANY
o The publisher of HIGH5.ID
· HIGH5 SERVER
o The physical location of the code and database accessed by HIGH5
o A person whose information is stored by HIGH5
· INDIVIDUAL DATA
o Information uniquely associated with a specific INDIVIDUAL
· INDIVIDUAL-GENERATED CONTENT
o Data created by INDIVIDUALS other than INDIVIDUAL RESPONSES
o A physical HIGH5 installation at a POE
o A token enabling use of a set of HIGH5 features. Licenses typically expire or count down to zero uses remaining.
· LEA ORGANIZATION
o A Local Educational Agency - a School or District – making use of HIGH5 as a client, as the case may be
o The client making use of HIGH5
· ORGANIZATION REPORTS
o Data exports of various types including Tardy and Visitor Logs, triggered by ORGANIZATION staff
o A physical Point Of Entry at an ORGANIZATION
o An INDIVIDUAL with custody over a STUDENT at an LEA ORGANIZATION, including legal guardians
· PERSONAL LANDING PAGE
o A web page personalized for a specific INDIVIDUAL, exposed by an ORGANIZATION.
o Data associated with a specific INDIVIDUAL by HIGH5
o Content created by INDIVIDUALS, including textual responses, photographs taken by HIGH5 or submitted to HIGH5 by INDIVIDUALS
· SOLUTIONS / HIGH5
o The High5.ID system, encompassing the online databases and code comprising the totality of experiences for end users and administrators
o An INDIVIDUAL receiving instruction at an LEA ORGANIZATION, who may be a minor
o The totality of INDIVIDUALS, ORGANIZATION staff, PARENTS, and RESELLERS
· TEAMMATE / RESELLER
o A regional representative of High5.ID working directly with an ORGANIZATION
High5.ID hereby states:
In compliance with COPPA and other regulations, the following notifications will be visible:
1. on the HIGH5 KIOSK:
Link from the welcome page: privacy information
The HIGH5 system makes use of information provided by this school to identify students. This information was provided by the school under the terms of a contract which imposes strict confidentiality requirements.
HIGH5 additionally tracks entry and exit events, notes and conditions entered by school administration, and comments entered by the student themselves in response to questions.
This information is presented to the receptionist to aid in decisions to allow entry or exit to students, and to generate reports detailing visit logs.
Adults wishing to review or modify the information collected by this system should present themselves to the receptionist at this school, who may at their discretion comply with your request.
2. on the HIGH5 DIY CAPTURE PAGE:
Before proceeding to capture photographs or providing contact details, the following message is shown:
You must be 13 years or older to proceed.
By submitting a photo, you grant your school the right to reproduce it in ID cards, the yearbook, and other customary school purposes. Please review your photo carefully. Your school, yearbook company, High5.ID and its teammates assume no responsibility for the content of submitted photos.
In order to proceed, the user must click “I am 13 or older”.
In compliance with COPPA and other regulations, the following notifications will be suggested to the ORGANIZATION for broadcast to parents:
Our school has adopted the High5.ID ID management system.
This system was installed to enhance safety for our students and staff: it tracks entries and exits from the school and ensures that our administration knows who is in the school and can communicate efficiently with community officials in the event of emergency.
The system tracks the same basics as our school information system - your student’s name, a photograph, which class they belong to. It tracks when students have been early or late, with the reasons given. It also keeps a record of all adults (volunteers, replacement teachers, visiting parents) who enter the school.
The information collected by the system will not be shared with any third party with the exception of law enforcement, should the need arise.
Use of this system is mandatory for all students and visitors to the school. You are welcome to ask reception for permission to see the records for your student.
COPPA §312.4.c requires explicit parental approval for disclosure of a child’s personal information, the ability to opt out of collection, and rules for automatically deleting students whose parents have not provided permission within a reasonable delay.
High5.ID suggests that the needs of a security system differ from normal student-oriented websites. It would be impractical and undesirable to have some students recorded in the database and others not. Requiring all students to be listed in the system supports the school’s goal of security.
○ Last Name
○ First Name
○ Role (student, staff, visitor…)
○ Student ID Number (corresponding with Student’s permanent record)
○ ASB membership
○ SMS-enabled mobile number
○ Email Address
○ Digital ID status
○ In-person Admissibility
○ Status at organization
○ Date of birth
○ Guardian email address
○ Guardian SMS-enabled mobile number
○ Company Name
○ Personal Government ID Number (typically a driver's license)
○ RFID Code
○ PURL for individual in RESELLER website
○ Locker Number & combination
○ Notes (custody, behavior, etc)
● HIGH5 History Optional information (based on use of additional solutions)
○ Entrance and Exit history
○ Reasons supplied for ingress or egress
○ Results of Sex Offender Database lookups
○ Attendance at courses
○ Presence at school-related events
● No information is stored on-site at the ORGANIZATION except transient browser caches; all information resides on the HIGH5 SERVER. There is no database present on ORGANIZATION hardware.
● Physical locations for the HIGH5 SERVER are:
○ For our domain (hosting and serving of pages) and for maintenance scripts: We use GreenGeeks in California, USA. Physical security measures are in place to prevent unauthorized entry to the site.
○ For our database: we use Google Firebase Realtime Database, a cloud-based system which stores data in central U.S. locations.
● All communications between the HIGH5 KIOSK and the HIGH5 SERVER are encrypted end-to-end via SSL.
● Hosting and database structures run on a secure host that restricts external access via password. Access tokens for the database are encrypted and persisted locally as cookies, a common and trusted approach to security.
● In addition to the userID/password, we use Firebase’s support for pre-shared public/private keys to access any infrastructure. Even if someone gets the user ID / password pair, they will be unable to access our database from a custom application because the public key is bound to our specific application.
● HIGH5 uses Firebase, a BaaS (backend-as-a-service) headless server providing secure and encrypted access to connected clients based on
○ a set of rules (e.g. Organization A has access to its own students/staff but does not have access to individuals from Organization B)
○ access tokens (e.g. encrypted local copies of the credentials saved as cookies). These tokens are recycled according to browser configuration. Clearing caches will also invalidate the cookies.
● Firebase is offered by Google, which provides world class security to ensure that unauthorized access is prevented. Details can be found here:
● The Firebase database supports automatic demand-based server scaling (both physical resources such as RAM and CPU power, and data such as the number of individuals tracked by the database); this enables HIGH5 to dynamically handle as many users as required.
● A maintenance server using Apache and PHP runs clean up and maintenance scripts at regular intervals; these are hosted and run on our servers. Example scripts include: closing visits for individuals that checked in but did not check out; flagging individuals who were late multiple times; and analytics to create daily reports to be sent to ORGANIZATION staff.
● We make use of Firebase’s alert systems to monitor system logs and ensure system uptime and performance.
● The database is backed up daily to ensure that logs and records are not lost in the event of catastrophic failure or application error.
● Images are served to the client browser using obscured URLs to enhance image security. These URLs cannot be predicted or reverse engineered in order to gain access to other images.
● As with all database access, intruders cannot access images via the database without a secret key which is held by High5.ID alone in a secure location.
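The per-organization rule described above (Organization A can reach its own students/staff but not individuals from Organization B) could be expressed in Firebase Realtime Database security rules along these lines. This is an added example, not High5.ID's actual rule set; the path layout (organizations/$orgId/individuals and /visits), the custom token claims orgId and role, and the field key names are assumptions made for illustration.

```json
{
  "rules": {
    // No ".read" or ".write" at the root: anything not granted below is denied.
    // A root-level ".read": "auth != null" would cascade to every child and let
    // any signed-in user read every organization's records.
    "organizations": {
      "$orgId": {
        // Read is granted only when the caller's ID token carries a custom
        // claim (assumed name: orgId) equal to the organization being read.
        ".read": "auth != null && auth.token.orgId === $orgId",

        "individuals": {
          "$individualId": {
            // Only administrators of the same organization may change records
            // (assumed claim: role).
            ".write": "auth != null && auth.token.orgId === $orgId && auth.token.role === 'admin'",
            // Required fields, keyed after the Last Name / First Name / Role
            // items in the data list (key names are assumptions).
            ".validate": "newData.hasChildren(['lastName', 'firstName', 'role'])"
          }
        },

        "visits": {
          "$visitId": {
            // Any authenticated staff of the same organization may log a visit.
            ".write": "auth != null && auth.token.orgId === $orgId",
            // A visit must reference an individual that exists inside the SAME
            // organization, so a record cannot point across tenants.
            ".validate": "newData.child('individualId').isString() && root.child('organizations').child($orgId).child('individuals').child(newData.child('individualId').val()).exists()"
          }
        }
      }
    }
  }
}
```

Because grants cascade downward in these rules, the tenant check has to sit at or below the $orgId node; it cannot be added later to narrow a broader grant made higher in the tree.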
=========== ENDS ===========