Question
How can I store sensitive client user information in my backend without having the ability to decode data? But the user can request this data from backend on another client and can decode data.
For example, lets assume a backend and 2 clients. Client 1 can send data to Client 2 but the communication is async and the backend has to store this data. But the backend has to assure client users that it has no intention on reading the data and no ability to decode this data.
Solution
You could implement the principle of PGP:
Client 1 would be left on the image, Client 2 on the right, and your server inbetween. Since the clients only need to know each other's public keys, your server can take care of exchanging their keys. The only trust issue that could arise is the storage of the private keys: this would be handled by your app. Clients have to be sure that this is handled in a proper way. One way for them to check would be to decompile your app.
https://stackoverflow.com/questions/19756132
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian