WHAT HAPPENED

  1. WE BELIEVE ON AUGUST 20TH TO 21ST 
    You need to enable "2FA" on your account; this protects your account from people logging in without your permission.   HOW TO ENABLE - Click "Settings" found in your toolbar above, then click "Security" on the left side, then check the box that says "Use Two-Factor Authentication".

    IF YOU DO NOT DO THIS WE WILL DO THIS ON 9/1/2025








LAST UPDATED:  9/2/2025


WHAT WE DID TODAY TO BETTER COMMUNICATE TO YOU


  • WE HAVE ADDED A NEW "UPDATES" STATUS BAR AT THE TOP OF PRIVATE TABS WHEN YOU LOG IN, INSTEAD OF USING EMAIL AND TEXT
    We have heard that some customers did not get the email or text communications from us, so we are moving to a status update system that will appear directly inside of Private Tabs rather than depending on email going forward.  This new message bar will appear at the top of Private Tabs.

  • WE HAVE ADDED A NEW "SYSTEM OUTAGE AND STATUS MONITOR" PAGE SO YOU CAN SEE IF THERE IS AN OUTAGE OR ANY SYSTEM-WIDE ISSUE
    This will also be available in Private Tabs directly once you log in, via the account drop-down, but you can also visit this URL directly to view any system outage.   Simply visit
    http://status.privatetabs.com

  • WE ARE KEEPING OUR COMMUNICATION TO YOU PRIVATE - MOVING FEATURE REQUESTS, ROADMAP AND VIDEOS TO YOU INSIDE OF PRIVATE TABS 
    We will be cleaning up the feature request page found at
    http://updates.privatetabs.com and moving it into a new toolbar so only customers can make requests or see upcoming features and news.


WHAT WE DID TODAY TO BETTER SUPPORT YOU


  • WE HAVE ADDED AN INSTANT REMOTE CONTROL SYSTEM THAT
    Customer support now has a tool that allows them to click a button, and a prompt will pop up on your screen asking whether they can do a remote assist and instantly start controlling your screen with you.  So now you no longer have to try to explain to them what you're looking at over the phone, and they can instantly help you with all your questions.

  • WE HAVE ADDED "DROP IN" THE OFFICE FOR YOUR ACCOUNT MANAGER - SO YOU NO LONGER HAVE TO BOOK A MEETING IF YOU DON'T WANT TO
    If you visit the customer service team page by clicking here, you can click any person within our office and "drop in" on them if they are available. When you click their name they will now have a little icon that says "DROP IN", letting you instantly ring their desk and see them on live video chat.   You can still schedule a meeting as well, but now you can, for example, talk to your account manager Fresh by clicking
    here, or Sega by clicking here, or the whole team by clicking here.

  • WE HAVE CHANGED THE WAY WE "WAIT" FOR INCOMING CALLS, CHATS AND EMAILS - MONDAY TO FRIDAY 9AM TO 4PM CENTRAL 
    Previously all support agents were waiting for calls, chats and emails, and any of them could take the call. This would often result in customer support helping a customer with no staff left to answer the phone, making everyone "busy" and causing calls to go to voicemail or live chats to be delayed and ignored.  We have introduced a new concept of "Level 1", "Level 2" and "Level 3" support staff.

  • LEVEL 1 - 24/7 INCOMING CALL SUPPORT - 414-326-4100  
    Brandon is our very own AI support agent, available 24/7 and powered by
    GetVoiceBot.com. He has been trained on EVERY ticket and EVERY issue and will continue to improve going forward.  He often knows more than most humans, allowing you real-time phone support 24/7.  However, you can always say "transfer me to a human" and he will transfer you to Level 2.

  • LEVEL 2 - CREATE TICKETS / GATHER INFO AND HAND OFF
    This is the big change we made. Previously, if everyone was busy, no one would be able to talk to you and your call would go to voicemail.  Now you should always be able to speak to a human, because we will gather the details, confirm the information and then hand it off to someone else (LEVEL 3) to work on the actual issue.  This way you will always be able to talk to someone right away and not go to voicemail during business hours.

  • LEVEL 3 - SIT ON THE PHONE WITH YOU AND SOLVE THE TICKET 
    After you talk to the Level 2 person, they will be able to quickly solve your problem, and if your issue takes longer than a few minutes they will hand it off to a Level 3 person, allowing them to get back on the phone to monitor for incoming calls.


    We hope these changes result in a faster, better customer service experience - if that is not true, please let us know!




WHAT WE DID TODAY TO PROVIDE EVEN MORE SECURITY


  • WE HAVE ACTIVATED 2FA ON ALL USER ACCOUNTS BY DEFAULT - THIS CANNOT BE DISABLED
    We have enforced 2FA on all user accounts. Previously this was optional; that is no longer the case, and 2FA will be required by default going forward.   This means you will need to enter a special code that will be texted to the email you verified upon sign up.


    IF YOU NEED TO CHANGE PHONE:  You can change your phone number using the change phone setting on the Private Tabs settings page found here.  Please be aware you will need to validate your existing phone before you are allowed to change it.

  • WE HAVE REPLACED THE FULL CREDIT CARD FIELD WITH THE LAST 4 DIGITS ONLY
    You are no longer allowed to store the full credit card number in Private Tabs. Even though the fields were fully protected and encrypted within our database, we made the decision to limit exposure of credit cards to the last 4 digits only for any card that is not a "Private Card" credit card.  So any 3rd party credit card which you have to manually enter into the system will be limited to only the last 4 digits.  We may bring back the full credit card field in the future upon popular request, but as of now this has been limited to just the last 4 digits.

  • WE HAVE REMOVED ALL CUSTOMER APIS FROM THE SYSTEM - MAKING THEM AVAILABLE UPON REQUEST ONLY
    Rather than exposing these APIs to the admin owner account by default, as previously, we have removed them. If you wish to use our public API and interface with your account, you may request an API key by contacting customer service at support@privatetabs.com, at which point you will be required to sign a document verifying your identity via driver's license or state ID and proof of account ownership via 2FA prompting.

  • WE HAVE REMOVED THE CREDIT CARD INFORMATION AND PASSWORD INFORMATION BY DEFAULT FROM THE API 
    If you wish to access these additional properties, you must contact customer service and request that these two properties be enabled.

  • WE HAVE ROTATED ALL INTERNAL PRIVATE ENCRYPTION KEYS AND LIMITED THEIR EXPOSURE
    All critical data stored inside of the Private Tabs database is and always has been encrypted to protect customers' data even if a data breach were to happen. This means that the only way someone could have accessed your data was to "decrypt" it using our public API and your private encryption key. However

  • WE HAVE INTRODUCED A NEW "LOW LEVEL API KEY" VS "HIGH LEVEL KEY" 
    Previously, if you shared your customer API key with any vendor and that vendor's database was compromised, your data would be exposed.  For example, most of the vendors who interface with Private Tabs use YOUR API key to access YOUR data that YOU give them.  So let's say you wanted to sync with a phone system: you would give them your API key and this would allow them to push data to you.  They would have to store this key in their database, and hopefully it would be protected and encrypted just like our data. However, if they did not do this and you gave them a key and they were compromised, a bad actor could use this key to access ALL of your data.   With our new dual key system we are going to provide 1 low level key that does not include credit cards or passwords, so that you can sync phone numbers or accounts without password data.   This way, if for some reason your key was compromised while being stored on a 3rd party system, the bad actor would not be able to access any critical data such as passwords or credit card data.
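
One way a server could enforce the low level versus high level key split described above, as an added example that is not Private Tabs' own code: the key strings, field names and sample record are constructed, and the function names are hypothetical. The low level key is held to an allow-list of fields, so a third party that stores it never receives passwords or card data.

```python
# Added illustration of a two-tier ("low level" / "high level") API key check.
# Every name and value here is hypothetical and constructed for this example.
import hashlib
import hmac

# Allow-list for low-level keys: a field added later stays hidden until it is
# deliberately listed here, which a deny-list of "sensitive" names cannot promise.
LOW_LEVEL_FIELDS = frozenset({"site", "username", "phone"})

def _digest(api_key: str) -> str:
    # Keep only a hash of each issued key, so the key table is not a secret store.
    return hashlib.sha256(api_key.encode("utf-8")).hexdigest()

# Constructed key registry: key digest -> (account id, scope).
KEYS = {
    _digest("low-EXAMPLE-0001"): ("acct-1", "low"),
    _digest("high-EXAMPLE-0001"): ("acct-1", "high"),
}

# Constructed sample data for one account.
RECORDS = {
    "acct-1": [{
        "site": "vendor.example",
        "username": "front-desk",
        "phone": "555-0100",
        "password": "constructed-secret",
        "card_last4": "4242",
    }],
}

def resolve_key(api_key: str):
    """Return (account, scope) for a known key, else None."""
    presented = _digest(api_key)
    for stored, grant in KEYS.items():
        if hmac.compare_digest(stored, presented):
            return grant
    return None

def fetch_records(api_key: str):
    """Return the account's records, filtered server-side by the key's scope."""
    grant = resolve_key(api_key)
    if grant is None:
        raise PermissionError("unknown API key")
    account, scope = grant
    rows = RECORDS.get(account, [])
    if scope == "high":
        return [dict(row) for row in rows]
    # Fail closed: any scope other than "high" gets only the allow-listed fields.
    return [{k: v for k, v in row.items() if k in LOW_LEVEL_FIELDS} for row in rows]
```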

WHAT WE HAVE PLANNED TO COMPLETE BY SEPT 30TH 2025


YOU MUST BE LOGGED IN TO VIEW ALL TRAINING VIDEOS AND INTERNAL UPDATES

While this is not really making you "more secure", we feel it's a good step to keep industry information private to only customers like yourself.  Rather than share more private data on public channels, most internal communication will only be accessible if you are logged in.



WE WILL BE ENFORCING STRONG PASSWORDS AND PREVENTING REPETITIVE PASSWORD USAGE

Many customers like to use short passwords on their accounts that are very predictable.  Going forward we are going to force all account profiles to use a strong password rule, and with that we are not going to allow customers to repeat passwords.   We understand that it is very common for customers to use the same passwords on all accounts or rotate between a set of 3 or 4 passwords they remember.  We are no longer going to allow this and will instead require a strong password that has not been used previously.


WE WILL NOTIFY YOU IF YOUR EMAIL ADDRESS HAS BEEN SHARED ON THE "DARK WEB" USING HAVE I BEEN PWNED

There is an API service known as "https://haveibeenpwned.com" which will tell you if your email accounts have been exposed or ever shared on the dark web. This is the same service popular password managers such as 1Password use and charge a premium fee for.   Basically, if you create an email account and enter it in Private Tabs, we will check to see if it was ever used on the dark web and then give it a health score rating, letting you know that your email may have been compromised and you should perhaps use a different email account.



WE WILL MIGRATE ALL SENSITIVE DATA TO A PCI COMPLIANT TOKEN SYSTEM KNOWN AS VGS VS ENCRYPTION ONLY

Previously data was encrypted and stored in our database and secured using the latest AES-192 level encryption.  However, we are going to go one step further and use AES-256 PCI Compliant data storage and encryption via tokenization. We have partnered with "Very Good Data (aka VGS)", which is the leading industry PCI Compliant data token storage system.  If you're not familiar with what "PCI Compliant" means, it means that the level of encryption and tokenization meets the security standards set by the Payment Card Industry Security Standards Council (PCI SSC) to protect cardholder data during transactions.  To learn more about this please visit  https://www.verygoodsecurity.com


WE WILL BE ADDING 2 STEP PROMPTING WHEN YOU PUSH AUTOFILL ON A PASSWORD OR CREDIT CARD FIELD

If you enter a field and try to autofill the password or credit card, you will be prompted for a 2FA code. So when you push Autofill, if the field is a password field or credit card field, you will have to enter a 2FA code before it autofills.   We realize this will slow you down when autofilling your credit cards, but it will be more secure by default. You will be able to turn this feature off if you wish upon request.

WE WILL BE ADDING AN "IDLE TIME OUT" AFTER 15 MINUTES

If you leave Private Tabs running on your work computer and you do not touch it for 15 minutes you will be prompted to enter a 2FA code again to activate the Private Tabs account.


WE ARE GOING TO RESTRICT ALL INTERNAL AWS HOSTING ENVIRONMENTS TO NORD BUSINESS VPN NODE IPS

Previously all hosting environments were protected via 2FA and an advanced firewall system. In addition to this level of security, we are also going to restrict this environment to specific internal IPs.  The idea is that only someone located within our virtual office, using our business VPN network node, would be able to access the AWS console; outside of that IP range you would not even be able to access our internal system.


WE ARE GOING TO BE ADDING A PASSWORD TIME OUT AFTER 30 DAYS TO REQUIRE A RESET

This will require a password reset every 30 days.


WHAT YOU NEED TO DO ASAP!


  1. STEP 1 - 
    You need to enable "2FA" on your account; this protects your account from people logging in without your permission.   HOW TO ENABLE - Click "Settings" found in your toolbar above, then click "Security" on the left side, then check the box that says "Use Two-Factor Authentication".

    IF YOU DO NOT DO THIS WE WILL DO THIS ON 9/1/2025

WHAT WE HAVE DONE - GOING FWD TO ENSURE EVEN GREATER PROTECTION ON YOUR ACCOUNT