Why should I trust you?
You don’t have to trust Crypto Cloud’s word – you have to trust the technology we use. The products we offer all rely on tried-and-tested encryption and mobile security solutions that are the standard in enterprise and personal communication security. We just provide them to you as one single product to guarantee your privacy.
Are there any security backdoors in your products?
No. We are strongly opposed to the idea of putting backdoors in security products because this undermines their reliability. A backdoor is there both for friends and adversaries. Our end-users cannot afford that kind of risk, and neither do we.
How do you guarantee my messages are private?
There are several aspects of our services that guarantee your privacy together. First, our communication apps use strong encryption, based on cryptographic protocols that have been under the scrutiny of peer review for years. All the communications also remain encrypted all along the way from sender to recipient. Their security is guaranteed. Second, we give users control over their privacy. The encryption keys used by our PGP email client never touch our servers – they are generated and store on the user’s end. This ensures your emails remain unreadable to third parties, regardless to what happens to us and our servers. And third, we just facilitate the communication between you and your contacts when you use Crypto Chat. No messages ever stay on our servers – they just pass through there. Every message you send leaves your device only if your contact is online. After our server sends it to them, it gets instantly deleted from memory.
How do you respond to government information requests?
When approached by authorities and law enforcement with legitimate and lawful requests for information, we cooperate within the confines of the law. That being said, we have made sure such requests are redundant – we don’t store anything on our servers anyway. We keep no copies of user communications, messages only go through our servers and get instantly deleted. Even when they pass, they do so in encrypted form. The encryption keys that are needed to decrypt the communications and access their content are stored only on the users’ devices. We wouldn’t be able to read your messages – or help anyone read them – even if we wanted to.
Under what jurisdiction does Crypto Cloud operate?
Crypto Cloud operates under Bulgarian jurisdiction.
What data plan do the devices come with? Can use them when traveling to other countries?
All the devices we offer come with a multi-IMSI SIM card which offers unlimited data coverage across the globe. You don’t have to deal with mobile operators or to worry about roaming. As long as you are within the coverage of any cell network anywhere in the world, you can use our products to communicate in privacy.
What encryption do your apps use?
Crypto Mail uses PGP encryption with 4096-bit RSA keys and digital signatures. For one-on-one conversations, Crypto Chat uses OTR encryption with 4096-bit Diffie-Hellman, AES-256, and SHA-2 hashing. The same app uses OMEMO encryption for group conversations, relying on the Double Ratchet protocol, with AES-2546 and SHA-2. For voice over IP (VoIP) calls, Crypto Chat uses the ZRTP protocol.
Do you offer message self-destruct functionalities?
The version of Crypto Chat which comes with Encrypted Android and Encrypted Knox allows you to set two types of timers on your messages, after which they get deleted. You can set a countdown which starts the moment you hit send. If you set it at 15 minutes (for example), it will get deleted after 15 minutes, regardless of if it was read or not. The other timer starts the countdown the moment the recipient opens the message.
Can I erase information on my phone if it gets taken away?
Yes. We offer several options for remote wipe of our devices, depending on the product you can use. Encrypted Knox and Encrypted Android can be wiped remotely by sending a message with a specific command to the device via email or chat. Encrypted Android can also be remotely wiped by us at your request. You can also set up the device to self-wipe if isolated from the outside world. Encrypted Android can be wiped by the user via the special app on them.
Are messages stored on my device secure?
Yes. You are the only one who has access to them. All messages sent and received via our apps are stored only within the apps, in encrypted databases. The only way to access them is through the app itself, which you can open after filling in a password. There is no way a malicious app could mine data from Crypto Mail or Crypto Chat’s encrypted storages. On top of that, all our products have remote wipe options. You can use them to erase everything on the device if it happens to fall into the wrong hands.