Secure Messaging is currently in BETA. To request access, please email us at support@apptoto.com.
To help ensure the privacy of sensitive information, Apptoto allows you to require clients to enter a Personal Identification Number (PIN) before they can view Secure Messages you send them. This feature is especially useful when sharing appointment details, documents, or other confidential information via SMS or email.
You can configure Secure Messaging PINs in three ways:
Set a Default PIN for All Contacts
If you want to apply the same PIN to every contact by default (unless a custom PIN is set), you can configure a global default in your Apptoto settings.
To set a default PIN for all contacts:
- Go to Messaging > Secure Messaging in the Apptoto portal.
- Locate the Default Contact PIN field.
- Enter your preferred PIN (e.g., a 4-digit number).
- Click Save Settings at the bottom of the page.
⚠️ This PIN will apply to all contacts unless a custom PIN has been defined for an individual contact or through your address book.
Manually Set a PIN for a Specific Contact
You may want to assign a unique PIN to individual clients (for example, if they request it or have heightened security needs).
To set a unique PIN for a contact:
- Navigate to the Contacts tab in the Apptoto portal.
- Search for the contact you want to edit.
- Click the Edit icon (pencil/paper) next to the contact’s name.
- Scroll down to the Secure PIN field.
- Enter the desired PIN.
- Click Save.
✅ Once saved, this PIN overrides the default PIN for this contact (if one is set).
Use a PIN Field from Your Address Book
If you maintain PINs externally (e.g., in your CRM or address book), you can use a custom field to define a unique PIN for each contact. This is especially helpful for organizations that already assign PINs as part of their onboarding or security process.
To configure Apptoto to use a custom field for contact PINs:
- Make sure your contacts include a field for secure messaging PINs (e.g., “SecurePIN”) in your Address Book or CRM.
- Navigate to Settings > Field Settings and click “+ Add Custom Contact Field.”
- Give the field a Label that matches the name of the secure PIN field in your CRM or address book. This will auto-generate the Field Name. Click Save.
- Go to Messaging > Secure Messaging in Apptoto.
- In the Default Contact PIN field, enter your custom field tag using double curly brackets:
  {{ custom.my_secure_pin_field }}
- Replace my_secure_pin_field with the actual name of your field (e.g., secure_pin).
- Click Save Settings.
When Apptoto sends a secure message to a contact that has a PIN in the specified field, the recipient will be prompted to enter the PIN before they can view the secure message.
What Happens When a Message Is Secured with a PIN?
When a secure message is sent:
- The recipient receives a link to view the secure message.
- Upon clicking the link, they are prompted to enter their PIN.
- The message content is displayed if the PIN matches what’s on file.
- If the PIN is incorrect or missing, access is denied.
Best Practices
- Use unique PINs for higher security, especially in healthcare, legal, or financial settings.
- Communicate PINs securely to clients (not in the same message that requires the PIN).
- Test your secure message workflow before sending to ensure everything is configured correctly.
- Avoid common PINs like “1234” or your business phone number. These are easy to guess.
- Use alphanumeric PINs for added strength. There’s no length limit, so choose a secure and memorable code for your client.
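One way to apply these recommendations before importing PINs from a CRM or address book, as an added example (not Apptoto's code or API): a Python check over a CSV export that flags weak, phone-derived, and shared PINs. The `Name` and `Phone` columns, the sample rows, and the business phone number are constructed assumptions; `SecurePIN` is the example field name used above.

```python
import csv, io, re
from collections import Counter

COMMON_PINS = {"0000", "1111", "1234", "4321", "1212", "2580", "123456", "password"}
# Constructed sample export and phone number; column names are assumptions.
SAMPLE_CSV = """Name,Phone,SecurePIN
Ana Ruiz,+1 555 010 0101,1234
Ben Ode,+1 555 010 0102,0102
Cy Lund,+1 555 010 0103,tulip-47-harbor
Dee Park,+1 555 010 0104,
Eli Voss,+1 555 010 0105,0199
Fay Moss,+1 555 010 0106,1234
"""
BUSINESS_PHONE = "+1 555 010 0199"

def pin_findings(pin, contact_phone, business_phone):
    """Return the reasons a PIN is weak; an empty list means no finding."""
    pin = (pin or "").strip()
    if not pin:
        return ["missing"]
    found = []
    if pin.lower() in COMMON_PINS:
        found.append("common")
    if pin.isdigit():
        found.append("digits-only")
        # Digit-to-digit steps: {0} = 7777, {1} = 1234 or 8901, {9} = 4321.
        steps = {(int(b) - int(a)) % 10 for a, b in zip(pin, pin[1:])}
        if len(pin) > 2 and steps in ({0}, {1}, {9}):
            found.append("repeated-or-sequential")
        for label, phone in (("contact", contact_phone), ("business", business_phone)):
            if len(pin) >= 4 and pin in re.sub(r"\D", "", phone or ""):
                found.append(f"matches-{label}-phone")
    return found

def audit(csv_text, business_phone, pin_column="SecurePIN"):
    """Map contact name -> findings. PIN values are never written to the report."""
    rows = list(csv.DictReader(io.StringIO(csv_text)))
    counts = Counter((r.get(pin_column) or "").strip() for r in rows)
    report = {}
    for r in rows:
        pin = (r.get(pin_column) or "").strip()
        found = pin_findings(pin, r.get("Phone"), business_phone)
        if pin and counts[pin] > 1:
            found.append(f"shared-by-{counts[pin]}-contacts")
        if found:
            report[r["Name"]] = found
    return report

if __name__ == "__main__":
    print(audit(SAMPLE_CSV, BUSINESS_PHONE))
```

The report contains contact names and reasons only, so it can be shared with whoever maintains the address book without exposing the PINs themselves.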