Pendo Launcher security and privacy

Pendo has historically been installed by inserting a JavaScript snippet (install script) into a company’s own web application to help them improve the user experience with in-app guidance, analytics, and feedback tooling.

To install Pendo on third-party applications, we developed the Pendo Launcher browser extension, which includes the Pendo agent within it. The browser extension allows you to collect data and deliver in-app guidance to visitors of the third-party applications used by your company.

How it works

Rather than loading the Pendo agent from the Content Delivery Network (CDN) provided by Amazon Web Services (AWS) CloudFront with an install script, the Pendo Launcher is privately published through the browser’s web application stores (such as Chrome).

Most browser companies don’t allow injection of remote code. For this reason, Pendo can only run code that’s bundled into the Pendo Launcher extension and can’t pass code blocks for extension applications.

Additionally, the JavaScript code for Pendo only runs on webpages that have been configured by your Pendo admin users. This means that Pendo doesn’t collect data on every page that a user navigates to. We provide tools for administrators to control which pages Pendo is running on, and to ensure that end-users are aware of where and when Pendo is active on their browser. For more information, see Privacy Center in this article.

Browser web stores

To appear in web stores, the Pendo Launcher must be fully compliant with their privacy and security policies. Because the Pendo Launcher must be deployed directly from the browser’s web store, man-in-the-middle attacks and cross-site scripting are avoided.

Because the Pendo Launcher must be deployed directly from the browser’s web store, certain permissions must be granted to the extension for Pendo to work properly. These are web browser requirements that can't be adjusted.

By default, the extension collects no data about visited webpages. It only collects data on web applications that have been configured within your application settings. Below is a list of permissions from each browser's web store.

Chrome and Edge

  • Read and change all your data on all websites. This permission allows Pendo to collect Page load and Feature click behavior on the application domains you configure within your subscription and provides in-app guidance.
  • Know your email address. This allows Pendo to identify your users based on their current browser session ID. This is an optional identification method. Pendo doesn't collect this information by default.

Firefox

For more information about the specific permission requests from Mozilla, see their article: Permission request messages for Firefox extensions.

  • Access browser tabs. This permission allows Pendo to collect data about Page load behavior on the application domains configured within your subscription.
  • Access browser activity during navigation. This permission allows Pendo to collect data about Page load behavior on the application domains configured within your subscription.
  • Access your data for all websites. This permission allows Pendo to collect the Feature click behavior on the application domains configured within your subscription and provides in-app guidance.

Code blocks

As part of its Manifest V3 (MV3) API for Chromium extensions, Google Chrome has mandated that “injection of remote code is not allowed”. For details, see Google's Overview of Manifest V3.

This standard has been accepted by most browser companies, including Microsoft (Edge) and Mozilla (Firefox). It prevents Pendo from running any JavaScript code that isn't bundled as part of the Pendo Launcher extension and reviewed by Google’s Web Store team. As a result, Pendo is unable to pass in code blocks that are defined separately from the extension itself. Thus, we've removed the ability to pass code blocks for extension applications.

Instead, we provide a robust UI to help you build impactful guides without the need for coding. The UI includes configuration, format, and styling options that you can use instead of writing code. For more information on guide format and style options, see Manage guide styling with themes.
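The following is an added example, not Pendo's code or manifest: a pre-deployment check that maps a WebExtension manifest to the permission prompts listed under Browser web stores and flags remote script sources in the MV3 extension-page CSP. SAMPLE_MANIFEST, auditManifest, and the finding strings are assumptions made for illustration.

```javascript
// Added example: audit a WebExtension manifest before an enterprise rollout.
// SAMPLE_MANIFEST is constructed for illustration; it is not Pendo's manifest.
const SAMPLE_MANIFEST = {
  manifest_version: 3,
  name: "Example launcher (constructed)",
  permissions: ["tabs", "webNavigation", "identity", "identity.email", "storage"],
  host_permissions: ["<all_urls>"],
  content_scripts: [{ matches: ["https://*/*"], js: ["agent.js"] }],
  content_security_policy: { extension_pages: "script-src 'self'; object-src 'self'" },
};

// Match patterns that grant access to every site
// ("Read and change all your data on all websites" / "Access your data for all websites").
const ALL_SITES = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);

// API permissions mapped to the install-time prompts quoted in the article.
const PROMPTS = new Map([
  ["identity.email", "Know your email address"],
  ["tabs", "Access browser tabs"],
  ["webNavigation", "Access browser activity during navigation"],
]);

function auditManifest(m) {
  const findings = [];
  const perms = m.permissions || [];
  // MV2 keeps host patterns in "permissions"; MV3 moves them to "host_permissions".
  const hosts = [
    ...(m.host_permissions || []),
    ...perms,
    ...(m.content_scripts || []).flatMap((cs) => cs.matches || []),
  ];
  if (hosts.some((h) => ALL_SITES.has(h))) {
    findings.push("all-sites host access: confirm the admin-configured allowlist");
  }
  for (const p of perms) {
    if (PROMPTS.has(p)) findings.push(`prompt: ${PROMPTS.get(p)} (${p})`);
  }
  if (m.manifest_version !== 3) {
    findings.push("not Manifest V3: the MV3 remote-code rule does not apply");
  }
  // Under MV3 the extension-page CSP should list only local script sources.
  const csp = (m.content_security_policy || {}).extension_pages || "";
  const scriptSrc = csp.split(";").map((d) => d.trim()).find((d) => d.startsWith("script-src")) || "";
  const remote = scriptSrc.split(/\s+/).slice(1).filter((s) => /^(https?:|\*)/.test(s));
  if (remote.length) findings.push(`remote script source in CSP: ${remote.join(", ")}`);
  return findings;
}

console.log(auditManifest(SAMPLE_MANIFEST));
```

An all-sites finding is expected for an extension of this kind; what it tells the reviewer is that page-level scoping comes from the admin-configured application list, not from the manifest.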

Privacy Center

On any page, the Pendo Launcher indicates whether it's active based on whether the extension icon is gray (inactive) or pink (active). From here, you can open the Privacy Center, which provides general information about the Pendo Launcher, as well as information that's specific to your organization’s configuration, including a list of all applications that belong to the subscription. 

Users with the Pendo Launcher installed can access the Privacy Center by right-clicking the extension icon in the browser toolbar and selecting Show Privacy Center.

Extension applications

With a Pendo Launcher deployment, a Pendo Admin user defines which applications Pendo runs on. This ensures that the extension only injects the Pendo agent onto pages that match the set of host names you provide as part of the process for adding extension apps. You can also use selective URLs to focus your analytics on specific business processes rather than every possible activity. 

View your applications list

To see a list of applications configured with the Pendo Launcher:

  1. Right-click the Pendo Launcher icon in the browser toolbar.
  2. Select Show Privacy Center from the dropdown menu.

  3. Select Applications to expand the list.
