Private by Default

Feature Spotlight

Private by Default

The Private by Default feature of Cobrowse minimizes the risk of sharing sensitive or unwanted data during a co-browsing session. When enabled, no text, images, or any other content from your websites or apps is shared with the Agent unless it is explicitly allowlisted as safe to share.

Minimal access is an element of zero trust architecture, which has become increasingly important as organizations move more applications to the cloud. With data privacy a principal concern for digital enterprises, Private by Default offers an additional level of assurance that sensitive personal information is not compromised.

Window wireframes with cobrowse components

Why it matters

Data redaction is essential to protecting customer information, building customer trust, and meeting your compliance requirements, such as GDPR, CCPA, HIPAA, and PCI. Private by Default is the more conservative and reliable method of data redaction for companies processing sensitive customer data.

Traditional “blocklist” data redaction requires you to allow all website and app content to be visible to agents by default, and then only specifically blocklisted fields are masked. This approach means you need to have an ironclad quality assurance process to check every unwanted data field is masked before releasing new versions of your website or app. This increases the risk of human error and slows down your time to market for every update.

Instead, this “privacy first” approach enables you to prevent sensitive data from ever leaving the end-user’s device. It also means you don’t slow down your release cycles through a lengthy and error-prone quality assurance process to make sure no newly introduced elements are leaked. Your teams can release quickly and confidently without extra steps to confirm the appropriate exclusions are properly configured.


Cobrowse features Private by Default data redaction across all Web, Android, and iOS platforms, in which only explicitly allowlisted data fields are shared with an Agent during a co-browsing session.

This is a highly sought-after feature among enterprise clients across financial services, telecom, retail, and health, and the Cobrowse implementation of this feature is unmatched in the industry.

Cobrowse also supports standard “blocklist” data redaction, fine-grained redaction within native webviews in your mobile apps, and hybrid mobile apps and modern mobile app frameworks like iOS SwiftUI and Android Compose. Across larger or more complex digital properties, each team, website, or even individual pages can be managed independently since Cobrowse enables multiple redaction strategies to be used in concert.

Within Cobrowse, all data redaction rules can be configured both client-side and server-side. This allows separate teams, for example a different non-technical team, within your organization to manage your redaction settings.

With all of Cobrowse’s data redaction methods, when an element is redacted, the data will never be transmitted through the Cobrowse software and will never leave the End-User’s device.

Cobrowse provides us with a custom solution where everything in-app can be redacted by default, leaving us to un-redact non-sensitive information. This option is important for us to prevent leaking sensitive data accidentally.

Quynh Nguyen

Product Manager, Klarna Bank AB


Harness the power of Cobrowse to enable both agents and customers to succeed.