top of page
Search

How SecureCrypt is Defending Your Privacy

Updated: Feb 4, 2023



Privacy is something we believe everyone has the fundamental human right to. SecureCrypt was founded for this reason.


From business avoiding the threat of corporate espionage, journalists protecting their confidential sources, lawyers conversing with their clients; each need privacy to do their jobs. Even in your day to day conversations with friends and family. Would you be comfortable knowing someone is reading your every message, and listening to your calls?



Adopting Secure Solutions

We can turn to technology to help us solve this problem, but technology cannot fully do this alone. To take control of our privacy, we need to use technology ourselves to be proactive.


We never want or need to know what you are doing or who you are. It is not our business to know. SecureCrypt's approach is one of Zero-Trust; we believe your data belongs to you,

and we enforce this belief.


We do not sell your data, which is why we offer our solution as paid only. We maintain our own infrastructure in our Canadian owned data centre, which is located in a secure facility monitored 24/7.


No complex enrolment procedure, our interface is simple, clean, and intuitive. Our application is lightweight and is optimized for highly secure data exchange.



How SecureCrypt protects your privacy


⦁ We rely on proven, secure encryption protocols only. We do not use any custom protocols like others have done before us. We only use verified encryption protocols, no hybrid models at all.


⦁ Every ID is made of a 6 character username, of both letters and numbers, which is randomly assigned.

⦁ Your ECC ID is not connected to any information that may be personally identifiable to you.


⦁ No phone number required at signup.


⦁ No email is required at sign up.


⦁ There are no location permissions requested by SecureCrypt.


⦁ We do not collect any personally identifiable information.


⦁ Encrypted containers on device separate our app from the rest of the device, allowing our app to sit inside of this isolated and encrypted partition.


⦁ Tamper-Proof hardware with Secure Boot, Enhanced Memory Protections, Device Integrity Checks, Brute-Force Password Attack Protections and much more.


⦁ Brute-Force protections and enforced both on the device, and our app. No automated password guessing tools will work, as if they are attempted the device will wipe itself. If attempted on our app, the app will wipe itself.


⦁ Panic Wipe, Duress Password, and Remote wipe ensures users have the maximum level of protections in any situation


⦁ All GPS, Bluetooth, WiFi, and other sensors are disabled from within the kernel level of the secured OS.


⦁ USB port is only active for charging, it cannot be connected to any external devices. This prevents any use of mobile forensic tools.

⦁ There is no function to browse through ECC ID’s, no list containing each one. So your ECC ID is not discoverable to anyone.

⦁ Anyone who wishes to communicate must be approved by you before you can start talking.

⦁ All message metadata is fully end-to-end encrypted to make sure any part of your information cannot be seen, stolen and used maliciously by third parties.


⦁ Encrypted containers set on your device allow the SecureCrypt Encrypted Communications application to sit inside of this secured, encrypted partition for an additional layer of security not found on regular or other commercial devices.

⦁ Every part of the SecureCrypt system is made so that we never collect any of your metadata or personally identifiable information, let alone store it. We believe that both your business and personal life should be private if you want it to be. We believe it is integral to protect your privacy, as it is a major part of protecting your business, identity and your security.


⦁ Tamper-Proof hardware with Secure Boot, Enhanced Memory Protections, Device Integrity Checks, Brute-Force Password Attack Protections and much more.


⦁ We are located in a free and democratic country which protects our users with our favourable encryption laws.



Keeping your information secure


When we built SecureCrypt we left nothing to chance. This is our “zero-trust” approach. With every layer of security we have implemented, we ensure there is no one single point of failure. Multiple layers of security features protect our users at all times.

When it comes to the devices we use, we only choose from BlackBerry, Samsung, and other compatible models. With each device containing tamper-resistance and hardware protections, we only allow devices that pass stringent and rigorous security tests.


Any feature that poses a potential risk to privacy or security, such as biometrics, Bluetooth and screenshots, are disabled.


Using highly secure SIM-based APN settings, each device connects to our secure, private mobile data network, which also uses multiple VPNs on device, and on the SIM.


Regardless of how the device in question connects to the internet, 4096-bit SSL encryption is used to encrypt all network communications, as well as passing through additional proxies as to give full network protection.


To help stop against malware or phishing attacks, devices are restricted from having internet access. Any unknown device will be unable to connect to our servers, keeping your device protected, as well as the network.

When SecureCrypt is installed, it is placed into a secure container within the device. This is so the app is always protected in the unlikely case malware would be to compromise the phone.

Anyone trying to use brute force attacks will fail and any attempt to use an insecure connection to login will not succeed, both thanks to the protections put in place. When logged in, every message, file or piece of information is securely encrypted with 512-bit ECC (Elliptic Curve Cryptography) Our encryption protocols are not custom, they are verified, and have been audited and proven safe, and free of any “backdoors” by security experts around the world.

We make sure to encrypt metadata too, something other secure messaging apps don’t do. Despite the network connection already being encrypted, we want to make sure no matter what, your information is secure and private.


All data is fully end-to-end encrypted at all times, at-rest and in-transit.

Included in the app is several failsafe measures put in place to make sure that your information and messages remain private.


An ECC ID can be associated with only one device at any time, which makes sure that no one can ever attempt to impersonate you or any other user. If someone attempts to input an incorrect password in 5 times, then the protections for brute force attacks will engage, deleting all chats, data and information from the device, to ensure that if anyone tries to break in, your data will not be in their hands. SecureCrypt allows for you to be able to fully delete the app with a duress password, or an in-app Panic Wipe; a feature designed for emergencies, and with Remote Wipe.

SecureCrypt is a privately distributed security solution, not available in an app store as we would have no idea if it was then being installed onto secure devices. If it is installed onto a compromised device, any amount of security apps will not be able to keep that phone secure, which is why our solution is only offered on secured devices.

SecureCrypt is a privacy-first company, we are a proud member of the GEC (Global Encryption Coalition) and take part in industry efforts to ensure encryption globally remains free of political attempts to insert backdoors and further weaken and erode people's privacy. This is something we take most seriously.

Comments


bottom of page