Do your products have encryption backdoors?
No, they don’t. Backdoors are intentional flaws in security systems and encryption services that serve as a way for their creators to bypass the security. The products we offer have no such backdoors. We do not need elevated access to your messages or device to perform maintenance. We provide a service intended to secure people’s privacy. Leaving loopholes in our products so that we could gain access to them would have been at odds with that idea.
How do you guarantee the security of messages?
There are several layers of security protecting your messages. The first one is the strength of the encryption. Secure Email and Secure Chat use state-of-the-art cryptographic protocols such as PGP, OTR, OMEMO and ZRTP to encrypt all communication channels: email, chat, and voice over IP. Our implementations of these protocols use best-of-breed technologies such as AES-256, SHA-256, 4096-bit RSA, and 4096-bit Diffie-Hellman.
All apps also use end-to-end encryption. This means that every message you send gets encrypted on your device, remains encrypted (and undecipherable to third parties) all along the way to the recipient’s device, and gets decrypted only once it arrives there. No one can decipher the content of your communications, even if they somehow succeed in intercepting them.
Lastly, we do not keep anything on our servers. They are used just to facilitate the communication between users. Every message that passes through the servers, gets instantly deleted the moment it gets sent to the end recipient. In Secure Chat, messages get sent only when the two communicating parties are online. This means that no message ever lays dormant on our servers, waiting to be sent.
How does message self-destruct work?
You can assign countdown timers to your messages sent with the Secure Chat app. The one function is called Time to Live (TTL) which starts the countdown the moment the message is sent. Regardless of whether the recipient opens and reads the message when they receive it or not, it gets deleted on both devices when the timer runs out. The other function is called For Your Eyes Only (FYEYO). In it, the timer starts when the recipient opens the message. Once it runs out, the message also gets deleted on both the sender and the recipient’s device. (Read here for more details: https://support.securegroup.c How does message self-destruct work?om/articles/use-fyeo-ttl-modes/)
How do you ensure your servers don’t get compromised?
Our gateway servers have multilayered protection. We use logical isolation, firewall filters, ACLs, and DDoS mitigation protection in excess of 1 terabyte of bandwidth. Moreover, we run our own BGP network for extra control and absolute security. Communication between our servers travels via a VPN tunnel, and no unencrypted traffic ever leaves our infrastructure.
And this is just our primary data center in Sofia, Bulgaria. We have another, backup one, at a location we cannot publicly disclose.
What datacenters and service providers do you use and who has access to their servers?
Secure Group, of whose services Secure Com World is a distributor, does not rely on any third-party infrastructure. No part of the service we offer end-users is outsourced. Everything happens through servers which the company owns, and only its team of trained IT experts has access to them.
How do you respond to government information requests?
We review the requests individually. If they come with the necessary legal warrant, we co-operate with authorities within the confines of the applicable laws. (Secure Group operates within Bulgarian jurisdiction.)
That being said, we do not keep anything on our servers that could be of interest. We do not store copies of our users’ encryption keys (these are created and stored only on their devices) and we have no copies of messages (these get deleted from the servers the moment they are sent to the recipient). And the messages that do pass through the servers, do so in encrypted form.
What data plan does your product require?
The short answer is “none”. Secure Phone comes together with Secure SIM. This is a special multi-IMSI SIM card which we provide with the device. It comes with an unlimited data plan which offers coverage in over 140 countries worldwide (see the full list here - https://support.securegroup.com/articles/secure-phone-international-mobile-data-coverage/).
You don’t have to deal with mobile operators and sign up for their services. We are your operator. And we don’t charge roaming or any other fees. You just get a phone which is ready to work out of the box.
What benefits does the multi-IMSI SIM bring?
First, Secure SIM comes with an unlimited data plan with full global coverage. Because Secure Phone uses only its encrypted chat and email apps for communications, this is all you really need. (You can also use Wi-Fi, if you prefer – although it is recommended to do it only over trusted networks.)
Second, because the SIM has up 16 IMSI numbers (mobile identities), it can switch between different carriers. This way you are always connected to the network with the best coverage at your current location and always get the best available signal and reception.