Pryvate™ Encrypted Voice Calls (VOIP)
It is always best to use open-source, peer-reviewed encryption tools on
smartphone, tablet and desktop computer.
The Pryvate app for Android (2.2 or higher) and Apple (iOS 6.0 or later)
features voice encryption capabilities that enable subscribers to make
voice over internet protocol (VoIP) calls that are secure, encrypted and
- Military-grade encryption combined with RSA 4096-bit and AES
- No risk of data being intercepted by hackers, criminals or
- Diffie-Hellman (D-H) key exchange, MD5 and SHA512 hash for voice
- Proprietary ‘Protection Agent’ software that detects, alerts and
against ‘man-in-the-middle’ attacks
- Encryption keys that are automatically created on your smartphone
Voice Call Quality – Multiple Network Compatibility
- Industry-leading encrypted voice service that operates over
- Secure calling over 3G/4G, GPRS, EDGE, LTE, UMTS, HSPA, W-CDMA or
connection – even at low bandwidths
Single-session-only keys are never stored or known to Pryvate as the
works on a peer-to-peer basis with no servers in the middle - so no
of calls is ever kept.
Automatic Discovery of Pryvate Contacts
- Auto-notification when a contact becomes a Pryvate user
- Users will also be able to see when their Pryvate contacts are
- Contact details will automatically populate their Pryvate address
We utilize the same encryption whilst conferencing with multiple users –
all voice calls encrypted. The conference call runs on the conference
organizer’s device. They initiate the conference by calling the other
parties and adding them to the group.
Pryvate™ Encrypted Video Calls
Video encryption takes video data and makes it impossible to view by
except the intended recipient – so long as the intended recipient has
correct key to decipher the data and view the video in its intended
There are two types of video encryption: personal and Digital Rights
Management (DRM). Personal encryption refers to someone who wants to
personal video with clients, family or friends and who does not want
unauthorised to see it. DRM is the same thing, although more complex. It
- Different types of video streams for different price brackets
- Region-specific videos
- Media or device-specific videos
- Software-specific videos
- Adaptive streaming
- Secure Video Encryption and Privacy (never known to us)
- ZRTP Protocol negotiates a key between two VoIP end points
As with voice calls, a new key is generated every time a connection is
which further protects the security and integrity of the data. This
that if an encryption key from a previous call was discovered –
calls would not be compromised.
Video Encryption Interoperability Standards
Video codec specifications include:
VP8 (WebM), H263, H263-1998, MPEG-4, Theora and H264
- Resolutions from QCIF (176 × 144) to SVGA (800 × 600)
Pryvate™ Encrypted Instant Message (IM)
Off-The-Record (OTR) messaging is a cryptographic protocol designed to
provide encryption for IM conversations. It ensures that messages do not
have digital signatures and therefore cannot be monitored.
Secure IM Encryption from Pryvate™ s
- Auto encrypted single/unique single session
- 3G and 4G, EDGE, GPRS, LTE, UMTS, HSPA, W-CDMA and Wi-Fi
- Peer to Peer – with no servers in the middle
- No records of any messages or conversations are stored
- AES symmetric-key, Diffie-Hellman and SHA-1 hash algorithms
- User sessions are automatically deleted after a session is
The application operates in standard unencrypted mode for normal
conversations. If a secure conversation is required, the user activates
secure mode, which initiates an authentication phase. This allows the
to verify the identity of the other party through a pre-arranged
question and answer combination or fingerprint. Once authenticated, the
application generates short-lived, session-based encryption keys –
secure communications and perfect forward security. This ensures that
discovery of a past key does not compromise the security of future
During secure IM conversations, digital signatures are removed and
is disabled to ensure deniability.
Notification of Screenshots
An innovative security feature of Pryvate’s service detects when a
is taken from within the Pryvate App. When this happens, the App
automatically notifies the sender that the recipient is making a record
Pryvate™ Encrypted Instant Message
The number of potential hackers and government agencies that may be
monitoring your online conversations, including your instant messages
never been higher. If you’re using an open wireless connection, there
numerous free software packages that can intercept unencrypted Instant
Messaging (IM) communications. Even password protected wireless networks
leave you vulnerable to monitoring from your broadband or software
providers. It is therefore essential that you consider your online
when it comes to instant messaging – whether you use it for personal or
What is IM Encryption?
Pryvate IM encryption is a varied implementation of Signal protocol, along with a ZRTP call through an oral SAS verification to provide mutual identity authentication as added MiTM attack protection security.
Secure IM Encryption from Pryvate™
Pryvate Instant Message Encryption implements the Signal protocol allowing users to privately and asynchronously exchange messages, also supports multiple devices per user and multiple users per device.
Pryvate IM encryption establishes encrypted sessions and encrypts messages but relies on Pryvate to acquire the unique identification string of peer devices and route the messages to their recipients.
The Signal protocol specification utilises the Double Ratchet Algorithm the X3DH Key Agreement Protocol and the Sesame Algorithm.
Application containerisation ensures that all received attachments sent through Pryvate instant messaging are safely kept inside the application space unless and until they are exported or sent to an external viewer for any attachments that require an external viewer.
A parameter inside our chat rooms allow users to also automatically store received photos and videos inside phone Gallery if they so choose.
Containerisation also applies for sent attachments that are generated inside the app, meaning photos and videos that are taken within the app and then sent. Agnostic platform; Android to IOS or vice versa; adaptable to existing email addresses
Pryvate™ Encrypted Email
Email encryption software is intended to eliminate the risks posed by
eavesdroppers. In general, email communications are passed through the
using unprotected protocols such as SSL/TSL. The emails are therefore
transmitted in plain text across local networks and the internet. As a
result, email messages and their attachments can be intercepted and read
those wishing to attack users maliciously or monitor their messages. It
not just potentially sensitive information that is at risk (such as bank
details, log-in credentials, and so on). Hackers, who gain access to
messages, can access content from users and their contacts – or even
their entire email account.
- Securely designates any or all of users current email addresses and
- Agnostic platform; Android to IOS or vice versa
Easy to maintain for IT staff, as users can keep existing technology
procedures. There is no need for re-training on new platforms
- 3G, EDGE, GPRS, UMTS, HSPA, W-CDMA, & Wi-Fi connections
- Encryption keys are automatically created on users smartphones for
individual email – with the associated single-session keys never
or known to Pryvate™
This not a mail client. It contains only the protection mechanism
make a user’s emails secure. What it does is assure users that no
data will ever remain or leave the device and that encryption data will
stored separately on Pryvate’s servers. By separating the encryption and
key, we have built in an added layer of security and removed the need
users to input additional SMTP/POP3 settings when setting up their
Pryvate™ Email Encryption – Technology Specifics
We have built in a layer of security that goes beyond that proposed by
British Standards Institute.
- All communication between a user’s app and the server is fully
encrypted, TLS-based or RSA4096-protected
Key material that is encrypted for sending to the server in-device
done by using the public key of an RSA4096 key pair
The connection between app and server is therefore considered
unbreakable using current techniques and technology.
- The return communication to the app from the server is protected by
AES 256-bit key that is sent to the server (RSA4096) and can be read
only by the server
- Newly generated key for each communication session, which is never
TLS-certificated secure link – which adds to the security, helps
‘man-in-the-middle’ attacks and is in accordance with BSI TR-03145
- Pryvate™ only uses true and tested public algorithms (RSA4096 and
AES256) in international implementations with NO backdoors. This is
requirement of BSI TR-03116-4. Additionally, all DNS requests are
through our servers and are compliant with DNSSEC.
- Once the message is encrypted and encapsulated in the .pry
is sent directly to the user’s current mail client on their device
(hopefully this is a DANE compliant mail transport). Because we have
control over the user’s choice of email client, we make the data as
secure as possible – which is why we separate the key material from
- We comply with Datenschutzanforderungen (BDSG) and Richlinie BSI
TR-03108, which makes our product one of the few software tools that
above the level of security highlighted in Sicherheitskonzept TKG-
Pryvate™ Secure File Transfer & Storage
- Eliminates the risk that any files transferred will be intercepted
whilst in transit.
- Send/store files and data – protected by military-grade encryption –
from a personal device via email or by using file
- sharing programs such as Dropbox, One Drive, or Box
- Secure file transfers can be stored without being sent.
- Encrypted form on a mobile device or on media storage, such as: CDs,
DVDs and USB flash drives.
- Decryption key is never located on the same device or file location.
a user’s data is stolen, the files and data remain secure.
- Without the need to ‘send’ files to ensure their encryption, secure
transfers can be made via the “SCP” with no limit on file size (as
normally experienced with email)
- Decryption is accomplished using the same method as encryption
- No extra software is required.
- Key material cannot be compromised, as it never resides with the
Our file storage component also works when a user wants to encrypt a
very large file and have it handed to a third party on a storage
The “SCP” automatically encrypts a user’s files and stores it within
inbox of the App. When the recipient (the third party, for example)
the file, they simply click the .pry message and it opens securely
Pryvate™ Secure File Transfer
If you are after the peace of mind that your important files will be able
be safely transferred without of the worry of them being intercepted by
someone else, Pryvate™ has the ideal solution for you. Pryvate™ secure
transfer will allow you to transfer your private files or data securely
using military grade encryption. You will be able to safely transfer
data from your personal device, via email or by utilising file sharing
programmes such as Dropbox, One Drive, or BOX securely. Your secure file
transfer will be free from prying eyes, competition, hackers and more
you use Pryvate™.
What Makes Pryvate™ So Secure?
The Pryvate™ platform allows for secure file transfers to be stored
being “sent”. Files can be stored in an encrypted format on the device,
CD/DVD or USB storage device. The decryption key is never located on the
device or file location. This will ensure that if you should you lose or
have your device stolen; the culprit will not be able to break into your
files. Without the need to ‘send’ files to ensure secure encryption,
file transfers can be made via the Pryvate™ app, resulting in no
in terms of file size as you would experience with email. The same
for encryption is used for decryption and no extra software is required.
key material can’t be compromised as it never resides with the encrypted
The file storage component of Pryvate™ also works when you want
encrypt a big file and have it delivered to a third party by means of
CD/DVD/USB storage device. The Pryvate™ app will automatically encrypt
file and store it in the inbox of the app instead of sending via email.
the recipient has the file on their device, they simply click the .pry
message and the app works its magic. File transfers are now made
privately and protected.
Combine this with disk encryption to have a fully safe and fool-proof
of safeguarding privacy and security for confidential or sensitive
information. Whether you keep a stock of private images/videos that
should know about, or whether you carry around the design plans for a
nuclear fusion reactor… with this system they are always available for
and kept from prying eyes.
Pryvate™ Secure File Storage
As part of the secure file transfer process, Pryvate™ secure file storage
protect your personal or corporate files utilising secure military grade
encryption. Whether you are storing your files on a device, PC, laptop
using a file share programme such as Dropbox or BOX, Pryvate™ will
that your files are encrypted and safe from any potential hackers,
espionage or the competition.
Encrypted files are stored without being ‘sent’ as with traditional
The Pryvate™ application allows the encrypted files to be securely
your device. They can also be stored securely on external devices such
CD/DVD’s or USB devices. The decryption key is never located on the
device/location therefore your securely stored files are safe. If your
device should be lost or stolen you can feel confident that your files
cannot be compromised.
Pin Encrypted Mobile Protection
Pryvate™ is a user-friendly APP that once installed, will revolutionise
We have taken steps to secure every aspect of the app and added
best-of-breed security to each element. As voice and video share the
root, we have treated them equally in our platform and have also added
secure protection for instant messaging.
With our triple layered secure voice component, users experience quality
voice and video communications, incorporating RSA4096 encryption
intermingled with AES and DH key exchange as a MiM flag.
In addition to this, our secure communications platform also has an
integrated encrypted email component. The component mail is not a mail
client at all, as it only contains the protection mechanism required to
your email safe and secure. No unsecured data will ever leave the
but encryption data will be stored separately with Pryvate™. By
the two elements, we have built in an added layer of security. This
in no need for users to input additional SMTP/POP3 settings when setting
their email client.
Additionally, we have an extra layer of security. To protect access to
App there is a PIN that acts as an extra activation code – making
Multiple Account Management
It is standard practice in most businesses for employees not to be
manage their own email accounts. The installation and activation of all
corporate software is invariably handled by security officers, IT staff
line managers. This has the unfortunate consequence that central
often find it difficult to keep track of the state of their network. So,
enable greater network transparency we have built a management dashboard
that allows authorised employees to see:
- Which accounts are active
- How many licences are being used or are still available
- The associated costs
This results in greater security for an organisation, as well as better
of use for the HR, IT departments and any other authorised personal.
The activation element of the software makes it user-friendly and easy
add new employees to the network. At Pryvate, we can import lists of
employees and activate or deactivate accounts or this can be left to an
department (which usually has the most up-to-date records), IT or
officers – depending on a user’s corporate policy.
Multiple Account Management is particularly valuable once more than 50
people are using our software – although many clients with fewer staff
use it because of its flexibility, transparency and improved security.
Pryvate™ Encrypted Web Browsing (Coming soon)
Feel confident when sharing personal information or banking online with
Private’s™ proprietary web browser.
Pryvate™ encrypted web browsing offers secure, private web browsing for
your family and the people who work with you through our bespoke web
browser, which has been built with end-to-end implementation of
analysis measures. Our secure browser will disguise your IP address
can often be tracked by criminals to locate your residential address.
From the provision of a basic proxy service, right through to using the
Private™ network with full HD video, you can rest assured that no
relay will ever be able to decipher the complete path that any
data packet has taken. Our secure browser will use random pathways
several internet relays to obscure your location and a compromised relay
cannot use traffic analysis to link the connection’s source and
Pryvate Key Technical Data
Pryvate™ uses ZRTP encryption for both Voice and IM. The subscribers’
handsets negotiate the encryption keys between themselves so the key is
never known to us. A new key is generated for each call or IM session,
enforcing perfect forward secrecy. This means that if an encryption key
discovered for a previous call or IM session, any subsequent
are not compromised.
For our secure email transfer and storage solution, the subscriber’s
email key is stored on the device and protected by a personal password
is never divulged to Pryvate™.
In regions where VoIP calls and IM are blocked by operators or
the system will automatically detect the situation and utilise the
encrypted and private network provided by our software.
In regions where anti-blocking technology may be a concern, our software
will present the host with Pryvate’s™ public IP address so that the
host does not detect the subscriber’s actual IP address. This then
the host from determining the subscriber’s location.
All aspects of security are considered when you use Pryvate™.
Pryvate Backend Services
Pryvate’s™ default method of key management ensures privacy for our
subscribers as neither us nor any associated parties have any access to
end user’s private keys. This prevents Pryvate™ or any associated party
being a target for any information related to the user’s private keys.
voice and IM keys are generated per session by the Pryvate™ application
the user’s device and are discarded at the end of the session. The email
application private keys are held on the device.
Pryvate™ has developed a VoIP anti-blocking solution for users who wish
bypass illegitimate firewall restrictions on 3G networks.
Numerous Countries block voice-over-internet protocol (VoIP) calls as
are seen as a:
- Drain on the revenue of their telecommunications companies
- Way of evading the control of governments and their security
- Setup statistic collection system for every call made through the
When making a call, a ‘session initiation protocol’ (SIP), is used to
two endpoints to shake hands – then a ‘real-time transport protocol’
carries the traffic. Our system works in real time by ‘tunneling’ the
and RTP traffic into a single encrypted HTTPS connection, using flexible
virtual tunneling architectures to achieve seamless voice and video
We utilize a ‘tunnel client library’ that is integrated into the user’s
Apple or Android device and a tunnel server that is deployed inside
Pryvate’s network infrastructure. The tunnel server uses the data of
secure connection to recreate the SIP and RTP traffic from the client’s
Its principle is tunneling all SIP and RTP traffic through a single
https connection up to a detunnelizer server. Our solution comprises:
We tunnel all SIP and RTP traffic through a single, secure https
up to a detunneliser server. Our solution comprises:
- A tunnel client library integrated into the Pryvate client for
- A tunnel server is deployed inside our network infrastructure
- The tunnel server re-creates the SIP and RTP traffic from the data
each secure connection to the clients
- Our client and server software is optimized to minimize latency
in TCP encapsulation of VoIP traffic.
It is not just a general purpose VPN.
Pryvate Key Management
Pryvate’s™ front end applications will be supported by a backend
service for voice and instant messaging, user presence and availability
information. Key servers will be established for the email application,
storing and synchronising keys within the PRYVATE / CRIPTYQUE Ltd
Anonymous browsing is achieved through a network of globally distributed
servers that randomly route traffic through the network, between the
device and the destination internet site, anonymising the source address
The backend services are supplied by CRIPTYQUE Limited’s server pools,
will initially be a single site service that will be expanded to a
distributed service. The global service rollout will have no impact on
customer experience as the distribution of traffic to the various
geographical services will be handled through DNS and will require no
changes to the applications.
Initially the DNS services will be supplied through a third party, but
internal DNS service will be set up before switching all device traffic
the PRYVATE / CRIPTYQUE Ltd network. The decision to switch will be
upon the number of customers, the types of service in use and the cost
maintenance of a global server network to service the customer base.