Security, more than encryption
Zero-trust security, this is what it looks like
We approach security assuming the worst—that your device has been hacked and your connection isn’t secure—then we neutralize those threats. Our zero-trust security model means giving you the best protection on the device, the application, and the connection.
The entire SKY ECC platform is built to do one thing—protect your messages and your privacy. Secure containers, always-on encrypted connections, protected devices—together we employ multiple layers of security to ensure what is private, stays private.
Real security with Concentric layers of protection
Concentric layers of protection for real security. You can’t say your app is secure unless you protect what goes on outside of it. When we developed SKY ECC we saw three important parts of creating a secure communications solution:
- The device and operating system
- The connection and communications
- The application itself
Most secure communications apps only look at the third part. It’s extra work to worry about the security of someone’s device. It’s extra work to secure communications between the device and server.
But it’s that extra mile that sets SKY ECC apart from the rest to ensure that your information remains private and confidential.
Hardware and operating system protections
Hardware protections: We only install SKY ECC on devices with built-in tamper resistant chips.
OS protections: We use all security options available from the mobile OS, leveraging on-chip protections, including kernel and rollback protection.
Mobile Device Management: All SKY ECC phones are managed devices. This means features can be locked down and SKY ECC installed into a protected container.
Connections and communications
Secure data network: SIM-based protections connecting to our global network of secure servers.
Secure connections: If the connection isn’t secure, SKY ECC prevents you from logging in. We have a secure tunnel for all network communications.
The SKY ECC application
Secure environment checks: If the device has been compromised or the connection or device isn’t secure, you can’t log into SKY ECC.
Brute force protection: We introduce CAPTCHAs after failed logins, limit password attempts, and trigger the app to erase all data if someone tries to force their way in.
Password protections: Separate passwords for messages and saved Vault items.
Encrypted message headers and metadata: We ensure message metadata never compromises your security.
Push notification obfuscation: Your data is scrubbed before it goes to Apple or Google’s push notification servers.
Chat and file encryption: We can’t, ever, under any circumstances, read your messages or data. We use 521 bit elliptic-curve Diffie-Hellman cryptography to protect your messages and files stored in the Vault.