Encrypting data in Supabase
Hey, I am building a mobile app in Flutter which connects to the Apple HealthKit and works with the user's blood glucose data. I don't store any of that in the database. The user can manually log his insulin doses, which get stored in the database.
My question here is, what is the best way to encrypt that data in Supabase, so that I, a developer, am unable to see users' private health data, but the user can access it normally on his device. Is the best way to generate some kind of token, store it on device and then encrypt everything before sending it to Supabase? Are there any better approaches? I guess the edge cases in my idea are what happens if you log in to another device etc. Thanks!
2 Replies
Nothing particular involved with Supabase in this and nothing from the DB side is going to solve it as you could always get access if you store any data encrypted with keys kept on the server side.
While you wait to see if any user has done something, I would ask AIs or do web research on client-side encryption.
Thanks for the quick response, I have been looking into some articles about client side encryption, that seems to be the most promising solution so far.
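
An added example, not code from anyone in this thread: a sketch of the client-side encryption discussed above, written in JavaScript with Node's built-in `crypto` module for illustration. It goes one step beyond a single on-device token by wrapping a random data key under a passphrase-derived key, which covers the "log in to another device" case raised in the question. The row shapes and column names (`salt`, `wrapped_key`, `payload`) and the idea of a user passphrase are assumptions.

```javascript
// Added example: envelope encryption performed entirely on the client.
const crypto = require('node:crypto');

// Key-encryption key (KEK) derived from a passphrase only the user knows.
function deriveKek(passphrase, salt) {
  return crypto.scryptSync(passphrase, salt, 32, { N: 1 << 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 });
}

// AES-256-GCM. Output is base64(iv || tag || ciphertext); aad binds the blob to its context.
function seal(key, plaintext, aad) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  c.setAAD(Buffer.from(aad));
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]).toString('base64');
}

function open(key, blob, aad) {
  const raw = Buffer.from(blob, 'base64');
  const d = crypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  d.setAuthTag(raw.subarray(12, 28));
  d.setAAD(Buffer.from(aad));
  return Buffer.concat([d.update(raw.subarray(28)), d.final()]); // throws if key, data or aad differ
}

// First device: create a random data key and wrap it under the KEK.
// keyRow (hypothetical shape) is safe to store server-side; dataKey stays on the device.
function enroll(passphrase, userId) {
  const salt = crypto.randomBytes(16);
  const dataKey = crypto.randomBytes(32);
  const wrappedKey = seal(deriveKek(passphrase, salt), dataKey, userId);
  return { dataKey, keyRow: { user_id: userId, salt: salt.toString('base64'), wrapped_key: wrappedKey } };
}

// Any later device: fetch keyRow and unwrap the data key with the passphrase.
function unlock(passphrase, keyRow) {
  const kek = deriveKek(passphrase, Buffer.from(keyRow.salt, 'base64'));
  return open(kek, keyRow.wrapped_key, keyRow.user_id);
}

// The row that gets uploaded for one insulin log entry (hypothetical columns).
function encryptDose(dataKey, userId, rowId, dose) {
  return { id: rowId, user_id: userId, payload: seal(dataKey, JSON.stringify(dose), `${userId}:${rowId}`) };
}
function decryptDose(dataKey, row) {
  return JSON.parse(open(dataKey, row.payload, `${row.user_id}:${row.id}`).toString('utf8'));
}
```

With this layout the server only ever holds `keyRow` and the encrypted rows, so nobody with database access can read the doses. The trade-off is that a forgotten passphrase makes the data unrecoverable, since no server-side copy of the key exists.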