Foxit AI Assistant
Security Overview

Foxit Security

Foxit Software places a strong emphasis on security to protect its software and user data. We follow secure software development practices, including code reviews and vulnerability assessments, to identify and address potential security vulnerabilities. Encryption is utilized to safeguard sensitive data during transmission and storage. Secure document handling features, such as password protection and digital signatures, are implemented to prevent unauthorized access and tampering. User authentication mechanisms, including password-based authentication and multi-factor authentication, ensure that only authorized individuals can access specific features or perform certain actions.

About Foxit AI Assistant

Foxit AI Assistant is integrated with Azure OpenAI and Azure AI Document Intelligence, both are innovative solutions that help users understand and interact with documents more effectively. By combining advanced artificial intelligence technology with powerful language processing capabilities, the Foxit AI Assistant offers a range of functions that enhance productivity and streamline document comprehension.

  • Document Summary - The OpenAI summary service uses artificial intelligence to generate a concise and accurate summary of a given text input.
  • Document Re-write - The OpenAI rewrite service uses machine learning to automatically paraphrase or rewrite text while maintaining its original meaning.
  • Content Translation - Translating selected text into corresponding languages.
  • Document Q&A - Have a conversation with PDF and answer user questions based on PDF content.
  • Content Explanation - AI-powered feature that provides concise explanations and definitions for selected text.
  • Spelling and Grammar Correction - AI-powered feature that automatically detects and corrects spelling and grammar errors in your content.
  • SMART PDF COMMANDS - Operate PDF functions through our AI Assistant for efficient document processing.

Foxit's Commitment to AI Security

Building Trust in AI for Documents

At Foxit, we have a neutral approach to Large Language Models (LLMs), enabling us to leverage the most effective technology for each specific task. For the generative AI features of Foxit AI Assistant, we currently utilize Microsoft’s Azure OpenAI Service, which is contractually prohibited from manually reviewing or training its LLM on Foxit customer data.

To ensure we provide responsible responses, we use content filtering services to moderate inappropriate content. All reported content, bugs, or vulnerabilities and user-provided feedback are strictly accessible to a limited number of trained Foxit employees. These employees use both algorithmic and manual processes to address reported issues within the Foxit AI Assistant.

Respect for Customer Data

No Foxit customer data is used to train or fine-tune any LLMs. For a document to generate summaries and insights, a user must activate the AI Assistant or summary buttons. We also provide guidance on how users and organizations can disable the AI features in Foxit AI Assistant, if desired.

Foxit AI Assistant analyzes the information provided in the document and generates responses based on the document's content and the knowledge base of the model. Chat history remains under the user's control for deletion or query continuation. Except for the chat history retention and any content reported by the user, all other data are automatically deleted from Foxit cloud services after 48 hours.

Built for Business

Foxit AI Assistant provides enterprise-level data security and information governance capabilities, including granular admin-level controls for selecting users or user groups for access. To support data security, we have built robust testing and monitoring methodologies.

All user content, prompts, and responses are encrypted in transit. At rest, any data stored by Foxit AI Assistant is encrypted using AES-256-bit. The AI Assistant responses are for individual consumption only, ensuring privacy even when documents are shared.

Foxit AI Assistant Architecture

The AI Assistant is composed of two parts:
  • Foxit Editor/Reader for Desktop, Mobile, Cloud - On Foxit Editor/Reader, users can open the AI panel and use AI functions by clicking the AI Assistant button on the toolbar.
  • Foxit AI Assistant Service - When using AI Chat, Foxit Editor/Reader sends the target PDF document to Foxit AI Service. Foxit AI Service parses the PDF document and extracts content related to the query, it then calls Azure OpenAI to generate answers. To improve the response time of AI Q&A, the PDF content will be cached for up to 48 hours, and then automatically deleted.
Data Storage

When users use Foxit AI Assistant, AI Assistant mainly generates the following data:

  • Chat History - User's chat history. This data is stored in the current session and will be automatically deleted after the session ends.
  • PDF Content - PDF content related to the query, including the PDF document and the results of PDF parsing. To improve the response time of AI Q&A, PDF content will be encrypted using AES-256-bit and cached for up to 48 hours, then it will be automatically deleted. The encrypted data is stored in Amazon EFS or Azure Files.
Data Communication

All traffic is encrypted in transit over HTTPS using TLS 1.2 or greater.

Foxit AI Assistant Security Architecture

Foxit AI Assistant Service Architecture

When the user engages the AI Assistant button situated on the toolbar, and consents to Foxit's Terms of Service and Privacy Policy, as well as third-party privacy policies, the AI Assistant will proceed to acquire the current user identity from the Editor/Reader (Desktop/Mobile/Cloud). This process is executed based on the Foxit Account Service for the purpose of user identity authentication. Once the authentication process is successfully completed, the AI functionality will be enabled.

  • When a user sends a prompt via the chat function, the Foxit Editor/Reader promptly uploads the active PDF document to the Foxit AI Assistant Service for comprehensive document analysis.
  • The Foxit AI Assistant Service then dissects the PDF document into structured data, thereby laying the groundwork for an effective response to the user's query.
  • During this extraction of PDF content, Document Intelligence is incorporated to enhance the efficiency and accuracy of the extraction process.
  • To streamline the response time of the AI-powered Q&A system, the PDF document, along with the results derived from its extraction, are cached for a period of 48 hours.
  • Upon receipt of the user's query, the Foxit AI Assistant dispatches the relevant PDF content to Azure Open AI, which is then responsible for generating an appropriate response.
  • The Foxit AI Assistant subsequently delivers the generated response to the user's query.
Content filtering

The AI Assistant uses Azure OpenAI's content filtering system to filter out content including the hate, sexual, violence, and self-harm categories, preventing the output of harmful content.

Data, privacy, and security

Foxit Security Overview

Foxit Security is composed of these forms:

  • Document Security: Ensure that information within a document is not compromised.
  • Application Security: Guard against and/or quickly deal with any security related problem associated with a Foxit product.
  • Cloud Security: Ensure your data is safe over the internet.
  • Deployment and Administration security: By offering related capabilities and configuration options.

Document Security

Foxit PDF Editor allows document authors to create PDF documents and apply various security measures, including encryption, access control, digital signatures, and AI-based redaction (the permanent removal of content). The ease of use and power of these features provided by Foxit PDF Editor allows both individual users and organizations to effectively keep their information private and confidential.

Application Security

In addition to document security, we at Foxit recognize that the software itself can be a target of attacks, so we take our application security very seriously. As such, we have long adopted measures and processes that are leading industry best practices to ensure our application security, and have also introduced features and capabilities in the software itself so that users can further protect themselves in specialized situations.

Cloud Security

Cloud services provided by Foxit enhance the capabilities and user experience of the Foxit End User Productivity solution. These services are constantly monitored for availability, performance, as well as security.

  • Data Center Security
    All Foxit cloud services are managed by our trusted cloud service provider, Amazon Web Services (AWS), which is an ANSI tier-4 data center, and maintains verify strict controls around data center access, fault tolerance, environmental controls, and security. Only approved, authorized Foxit employees, cloud service provider employees, and contractors with a legitimate, documented business area are allowed access to the secure site in Virginia, USA, Frankfurt, Germany and Montreal, Canada.
  • Data Encryption and Privacy
    Foxit cloud services are designed with privacy and security as a high priority. All information transmission between the users and the Foxit cloud services are fully secured with 256-bit AES encryption over the HTTPS transport protocol.

    Foxit employees and trusted vendors only access customer data to perform certain business and support functions, or as required by law.
  • Off-Grid Operation
    Foxit offers users and organizations the option to operate the software in complete “off grid” mode, where no cloud service access will be performed by the software installed by users. This capability offers additional deployment and operational flexibility for organizations with high level of security needs.

Deployment and Administration

By offering security related capabilities and configuration options, such as disabling JavaScript execution, cross-domain resource access, and enabling “off grid” operation, Foxit has made its software more robust against attacks, and can reduce or eliminate the need for out-of-band security updates, as well as lowering the urgency for regularly scheduled updates. This leads to operational flexibility, as well as lowered Total Cost of Ownership (TCO), especially in large organizations with high level of requirements for security.

Conclusion

Foxit offers a best-in-class level of security protection tailored to meet the diverse needs of users with varying requirements for PDF functions, as well as organizations of different sizes and industries. We acknowledge the sensitivity of your information and workflow, emphasizing the utmost protection they demand. With Foxit, you gain a trusted vendor committed to not only delivering uncompromising PDF software but also ensuring its security across all facets in accordance with industry best practices.

For more information on Foxit security, please go to the Foxit Security Center.