Certificates and keys are protected by the SHA-256 algorithm + RSA encryption and ensure the reliability of HTTPS connections.
We use modern algorithms (AES-256 with PBKDF2 keys) to encrypt messages when stored in the database.
We not only encrypt messages when they are saved in the database, but also when they are transmitted to the Client side. Each Client has its own encryption keys.
We do not store keys and vectors for decryption in the same database as encrypted messages.
We do not store files, videos, audio, or original photos attached to messages on our servers in full size, but use direct peer-to-peer transmission. You can rest assured that the transferred file will be available only to your Recipient.
We do not store copies of data on servers during peer-to-peer transmission of streaming data (audio, video calls). Only a person who is in your Friends can call you. No annoying calls from strangers.
We do not record IP or MAC addresses of phones when storing messages, posts, comments, likes, or any other content data.
We do not store Users' geolocation. Our apps do not get access to the device's GPS. We urge you not to transmit any coordinates in comments, messages, posts!
We do not own such contact data of Users in an open (decrypted) form, so we hope that Customers will also keep their Email addresses and mobile numbers in secret, which will increase the resistance of their accounts to hacking.
We require clients to create as complex passwords as possible without using dates of birth or simple phrases. If the password is entered incorrectly, we oblige the Clients to enter a security code (Captcha) and provide additional confirmation via Email. These measures increase security and make it difficult to pick a password (Brute-force attack).