The communication via WhatsApp Business API is based on the WhatsApp set-up of virtual machines or virtual containers with WhatsApp software installed that communicate with the WhatsApp server. The software (docker image) for encryption and decryption of WhatsApp messages must be hosted by the Facebook Business Solution Provider (BSP), usually in a cloud environment. When we talk about hosting of WABAs, it means the hosting of the encryption software that enables encrypted end-to-end communication between business and its customers. At the same time, this set-up enables conformity in terms of data security.
Messages are encrypted between the WhatsApp app on a user’s smartphone through the WhatsApp data centers until it reaches Docker containers hosted by an official Facebook Business Solution Provider (BSP) like 360dialog. Only in these containers the decryption takes place. The Docker containers are installed in a highly redundant and multi-connect environment. These are the (modular) components:
1. REST API container: The API container provides endpoints to interact with the Business API.
2. Backend service container(s): The backend service runs the application communicating with the WhatsApp servers. It uses encrypted connections exclusively.
3. External/containerized database: WhatsApp provides two options for the database, a connection to an existing MySQL database server or a database container.
4. Backend processing: When the Docker container receives an incoming message, it will trigger a (pre-configured) webhook including message details (attachments are only sent as links).
The API acts like a third-party, remote REST API. 360dialog has built a solid and redundant infrastructure around this. Because of using Docker, the setup is highly scalable.
After sending, the messages are processed to the WhatsApp Business container where they are encrypted and dispatched into the WhatsApp infrastructure and finally pushed to the targeted device, where it is decrypted.
IP whitelisting is a security feature often used for limiting and controlling access only to trusted users. IP whitelisting allows you to create lists of trusted IP addresses or IP ranges from which your users or other applications can access your domains.
Our servers are working only in HTTP SSL connection on port 443 (standard for HTTPS).
Communication to us is always realised by address IP 184.108.40.206. Communication from us is always realised from one of the following IPs: