Project frequently-asked questions

Does Databunker work as CRUD for user records / easy to DIY?

Secure user record CRUD is just a part of the Databunker.

When saving records in Databunker, Databunker knows to extract user email, phone, login identity, and custom identity and built a secure hashed-based index for quick user record lookup.

In addition in Databunker, you have a secure session storage API, temp shareable identities API, automatic record expiration and removal, compliance with pseudonymization, DPO management tool, user-accessible UI, and many more features.

How do I search for all orders from a guy named John?

Databunker supports customer record lookup by login name or email address or phone number or token value. So, if you have one of these values, you can fetch customer orders from the orders table.

How to backup the Databunker database?

If you are using MySQL as a Databunker backend database you can use the standard mysqldump command.

For SQLite, Databunker has a special API call to dump the internal database. You can run the following command to dump the database in SQL format:

curl -s http://localhost:3000/v1/sys/backup -H "X-Bunker-Token: $TOKEN" -o backup.sql

Does your product support multi-master replication?

For that you will need to use MySQL as a backend database and configure database replication on the MySQL level. You will need to do it by yourself or use the cloud version provided by AWS, Google Cloud, Microsoft Azure, etc…

When SQLite is used it does not support database replication.

Can my DBA tune database performance characteristics?

Almost all Databunker requests are using database-level indexes when performing API calls. We would love your DBA to check product database schema for improvements. If we are missing something let us know.

What is the difference between the tokenization solution XXX and Databunker?

Most commercial tokenization solutions are used to tokenize one specific record, for example, customer name or customer email, etc… These distinct records are not linked to one customer record. In our solution, we tokenize the whole customer record with all the details, which gives us many additional capabilities. So, in our system, the end customer (Natural person or data subject) can “log-in” into his profile, change the personal records or manage his consents, or ask for forget me. In addition, we provide many additional APIs to help with GDPR compliance.

The following is a partial list.

PII PII
* Name * RFID
* Address * Contacts
* IP address * Genetic info
* Cookie data * Passport data
* Banking info * Driving license
* Financial data * Mobile device ID
* Browsing history * Personal ID number
* Political opinion * Ethnic information
* Sexual orientation * Health / medical data
* Social Security Number * Etc…

Technology stack?

We use go-lang to build the whole project, with 80% automatic test coverage. The open-source version comes with an internal database (SQLite) or an external database (MySQL) and Web UI as one executable file to make the project easy to deploy.

Does the product support encryption in motion and encryption in storage?

For encryption in motion make sure to set up HTTPS SSL certificates. To stand encryption in storage requirements, Databunker encrypts all customer personal information or securely hashed before storing it in the databases.

All customer records are encrypted with a 32 byte key comprizing of System Master key (24 bytes, stored in memory, not on disk) and customer record key (8 bytes, stored on disk). The System Master key is kept in RAM and is never stored to disk. Enterprise version supports Master key split.

Does Databunker is end-user facing?

Yes. The end-user, according to GDPR, the end-user must have control over the personal data. The user can change the personal data, give or withdraw consent, request forget-me. All user operations can be self-service (automatically enforced) or with DPO / Admin approval.

Does Databunker is a wrapper for an existing database?

This product is not a wrapper for an existing database. It is a special service used to encrypt and store personal records in a privacy-compliant way. The service provides a REST API to store and update user records in JSON format; customer-facing web UI to your csutomers to provide visibility into the customer’s personal data.