Security is more than encryption
This is what zero-trust security looks like
We approach security assuming the worst—that your device has been hacked and your connection isn’t secure—then we neutralize those threats. Our zero-trust security model means giving you the best protection on the device, the application, and the connection.
The entire SKY ECC platform is built to do one thing—protect your messages and your privacy. Secure containers, always-on encrypted connections, protected devices—together we employ multiple layers of security to ensure what is private, stays private.
Concentric layers of protection for real security
Concentric layers of protection for real security. You can’t say your app is secure unless you protect what goes on outside of it. When we developed SKY ECC we saw three important parts of creating a secure communications solution:
- The device and operating system
- The connection and communications
- The application itself
Most secure communications apps only look at the third part. It’s extra work to worry about the security of someone’s device. It’s extra work to secure communications between the device and server.
But it’s that extra mile that sets SKY ECC apart from the rest to ensure that your information remains private and confidential.
Hardware and operating system protections
Hardware protections: We only install SKY ECC on devices with built-in tamper resistant chips.
OS protections: Leveraging on-chip protections, we use all security options available from the mobile OS including kernel and rollback protection.
Mobile Device Management: SKY ECC devices are managed devices so features can be locked down and SKY ECC installed into a protected container.
Connections and communications
Secure data network: We use SIM-based protections to connect to our global network of secure servers.
Secure connections: We create a secure tunnel for all network communications. If the connection isn’t secure, SKY ECC prevents you from logging in.
The SKY ECC application
Secure environment checks: If the connection or device isn’t secure, or the device has been compromised, you can’t log into SKY ECC.
Brute force protection: We limit password attempts, introduce CAPTCHAs after failed logins, and trigger the app to erase all data if someone tries to force their way in.
Password protections: There are separate passwords for the messages and saved Vault items.
Encrypted message headers and metadata: We prevent message metadata from compromising your security.
Push notification obfuscation: We scrub your data before it goes to Apple or Google’s push notification servers.
Chat and file encryption: We use 521 bit elliptic-curve Diffie-Hellman cryptography to protect your messages and files stored in the Vault. We can’t, under any circumstances, read your messages or data.