Benevity App: FAQs

The all-new Benevity app empowers all of your people to give, volunteer and take positive action whenever they’re most inspired. Now, whether your employees are in the office, in the field, in a store or working from home, everyone can participate in your corporate purpose initiatives right from the palm of their hand! We've gathered some common FAQs and answered them for you here in two sections:

General FAQs

Can I demo/test the app before enabling it?

  • Yes! Speak to your Benevity Client Success Manager. You can learn more about the Benevity app on the B-Hive.

What devices can people download the app to?

  • The Benevity app is available for iOS and Android.

Where can people download the app?

How do I enable the app?

  • Program leaders with the “site settings manager” role can enable the app in one click from the Spark admin dashboard!
  • If you require assistance with enabling the app, contact your Client Success Manager.

How do I roll out the app to my people? Do you have a best practices guide?

Can I customize the app for my company?

  • There is one Benevity app available to download and there are no plans to create any customized versions. However, once your people are signed in, they will see your company’s branding, just as they would on the website version of Spark.

How do people sign in?

  • Whether your people are signing in on a desktop computer, mobile browser or in the Benevity app, they use the same login process. This means no additional configurations are required for the app. Depending on your login setup, there are three possible scenarios for signing in:
    • SSO only: Users are taken directly to their company’s single sign-on screen.
    • SSO or username/password: Users are offered the choice of which sign-in method they would like to use.
    • Username/password only: Users can enter their username/password. If two-factor authentication is configured as part of your single sign-on, it will work the same way as it does when signing in to the desktop version of Spark. If the person’s device supports fingerprint login, Touch ID or Face ID, they will be asked if they would like to use that option the next time they sign in.

How much does it cost to enable or use the app?

  • There is no additional cost to enable, roll out or use the Benevity app — it’s free!

Will the donations and volunteering activities done through the app appear on the website?

  • The Benevity app and desktop version of Spark share the same information, so any donations, volunteering or tracked Missions activities will appear on both the app and the website.


Security FAQs

Does the app include new terms of use?

  • No, the terms of use have not changed.

Do Benevity’s existing Spark controls apply?

  • The Benevity app is a “skin” or “wrapper” on Spark, so know that you can continue to rely on the same Spark controls and policies that are already in place! For a current version of Benevity’s comprehensive security package, please reach out to your Client Success Manager.

What security testing has been performed on the app?

  • An independent third party scrutinizes each version of the Benevity app for a wide variety of vulnerabilities and privacy concerns, including the Open Web Application Security Project’s (OWASP) Top Ten for Mobile Application Security Testing. Additionally, the independent third party performs penetration testing of the app on a bi‑annual basis.

Does the app store confidential/ sensitive application data?

  • The Benevity app does not store any personal information; however, some authentication tokens and information about the particular program that are critical to the app’s functionality are stored. On Android, these are on the device in EncryptedSharedPreferences, supported by the Android Keystore which uses hardware-backed keys. On iOS devices they are stored in the iOS Keychain.

What happens if we haven’t enabled the app but an employee downloads it from the app store?

  • If an employee attempts to log in, they will receive a message stating the app isn’t available for their program yet and to contact their admin. Rest assured, access to the app is disabled by default.

What security measures are in place to prevent misuse of the app on an employee’s phone?

  • In the event of a lost device, a user can revoke access to their app account from Spark.
  • A third party that gained access to the phone would still need to use fingerprint login, Touch ID or Face ID to open the app. If those failed, they would be asked to enter the username and password.
  • If a user were to leave their phone unlocked while signed into the app, the app would lock after 10 minutes of no activity and the user would be asked to authenticate again. Whenever the app is put into the background for longer than 10 minutes, when someone takes a call or switches to another app, the Benevity app will ask them to re‑authenticate when they return to it.

Does the Benevity app support remote data wiping and management?

  • Although the app doesn’t currently allow for wiping data remotely, users can revoke app account access from the Spark website if their device is lost or stolen. However, if your company has a mobile device management system, the entire app could be removed from a device remotely.

What permissions does the Benevity app use?

  • iOS - Photo selection, camera actions and location data are governed by iOS and the user can choose to allow or deny access.
  • Android - Photo selection and camera actions are governed by Android OS and the user can choose to allow or deny access. No additional permissions are required.


Want to share this info with someone without B-Hive access? Download the PDF!


Was this article helpful?
2 out of 3 found this helpful