Secure Chat is an end-to-end encrypted messenger app. It allows users to send peer- to-peer messages, join group chats, and make unlimited voice and video calls. The application’s architecture ensures that no sensitive data passes through our servers, which act only as facilitators of the communication..
Most messengers that are advertised to encrypt data communication actually use a centralized encryption that stores communication on the server and uses a key to decrypt it. This opens up several risks for the data of the end-user:
To counter all possible vulnerabilities, Secure Chat uses a communication architecture that stores sensitive information only on your device and the one you’re communicating with, within an encrypted database, not reachable by third parties. This technique ensures that data transfer leaves no traces across the network or on any servers.
Data stored on a device is usually more vulnerable than data in transit. Messaging app developers often overlook the risks and do not encrypt data when stored, relying only on the security of the OS the app is installed on. This means that if an adversary gains access to an unlocked device, they can see all of the user’s saved communications.
Secure Chat encrypts its data at rest using full database encryption via the 256-bit SQLCipher encryption. This guarantees that adversaries will not be able to access the stored app data of the user, even if they manage to get hold of an unlocked device.
Secure Chat uses OMEMO encryption for peer-to- peer chats. The server is only involved to validate that both correspondents are online.
When the sender sends a message, the server checks whether the recipient is online. If they are not, the message is not submitted and remains on the sender’s phone until both peers are online. All communication-related information is encrypted with a 256-bit AES cipher and stored only on the user devices within a password- protected encrypted database, unbreachable even for supercomputers.
Enabling full confidentiality in a group messaging is a harder task on engineering level. Secure Chat OMEMO to encrypt data sent within a group chat with a 256-bit AES cipher. This encrypted data is then pushed to the organization’s server, where it remains in encrypted format. This data can only be accessed through the peer’s private key, stored solely on their device.
The information is delivered to each participant when they are online directly through the server. After the sensitive data has been delivered to all participants, it is deleted from the server, leaving no trace and making it completely inaccessible to third parties. As an additional security measure, the data is stored on the server for maximum 7 days. If a peer does not come online during this period, they will not be able to receive the messages, as they will be deleted from the server.
A common way to compromise someone’s communications is to impersonate them by logging in their account on another device. To protect users from such threats, their Secure Chat accounts are bound to the device they are using and cannot be accessed from any other mobile phone.
Standard PSTN telephony is only as secure as your mobile provider allows. Unauthorized access to the provider’s infrastructure can lead to intercepted and eavesdropped calls.
VoIP (voice-over-internet protocol) surpasses PSTN in portability and accessibility but can be exploited through MiTM (man-in-the-middle) and DoS (denial-of-service) attacks if not secured.
Secure Chat delivers end-to-end encrypted Voice Calls through ZRTP protocol. The phones of the communicating peers act both as receiver and transmitter of information, automatically recognizing that the other side is ZRTP- compliant, and using our servers only to establish the connection. All traffic is encrypted, making it impossible to intercept, even by the network provider, without knowing the shared secret.
To ensure users’ confidentiality, Secure Chat provides an option to send self-destructing messages, with 2 available patterns:
These conversations cannot be forwarded, saved, or screenshotted, ensuring they never leave the chat you shared them in.
For user convenience, the app offers the ability to send encrypted voice messages within the P2P and group chat.
Secure Chat supports rich file formats and allows you to send them in an encrypted form.