Our Technologies for you!



images


Pryvate™ Encrypted Voice Calls (VIOP)

It is always best to use open-source, peer-reviewed encryption tools on your smartphone, tablet and desktop computer. The Pryvate app for Android (2.2 or higher) and Apple (iOS 6.0 or later) features voice encryption capabilities that enable subscribers to make free, voice over internet protocol (VoIP) calls that are secure, encrypted and completely private.

Pryvate™ Encryption

  • Military-grade encryption combined with RSA 4096-bit and AES 256-bit encryption
  • No risk of data being intercepted by hackers, criminals or government surveillance agencies
  • Diffie-Hellman (D-H) key exchange, MD5 and SHA512 hash for voice integrity
  • Proprietary ‘Protection Agent’ software that detects, alerts and defends against ‘man-in-the-middle’attacks
  • Encryption keys that are automatically created on your smartphone for each call

Voice Call Quality – Multiple Network Compatibility

  • Industry-leading encrypted voice service that operates over carrier-grade infrastructure
  • Secure calling over 3G/4G, GPRS, EDGE, LTE, UMTS, HSPA, W-CDMA or Wi-Fi connection – even at low bandwidths

Security

Single-session-only keys are never stored or known to Pryvate as the software works on a peer-to-peer basis with no servers in the middle, and therefore no record of calls is ever kept

Automatic Discovery of Pryvate Contacts

  • Auto-notification when a contact becomes a Pryvate user
  • Users will also be able to see when their Pryvate contacts are available
  • Contact details will automatically populate their Pryvate address book

Secure Conferencing

We utilize the same encryption whilst conferencing with multiple users – with all voice calls encrypted. The conference call runs on the conference organizer’s device. They initiate the conference by calling the other parties and adding them to the group.

image

Pryvate™ Encrypted Video Calls

Video Encryption.

Video encryption takes video data and makes it impossible to view by anyone except the intended recipient – so long as the intended recipient has the correct key to decipher the data and view the video in its intended format. There are two types of video encryption: personal and Digital Rights Management (DRM). Personal encryption refers to someone who wants to share a personal video with clients, family or friends and who does not want anyone unauthorised to see it. DRM is the same thing, although more complex. It can often include:

  • Different types of video streams for different price brackets
  • Region-specific videos
  • Media or device-specific videos
  • Software-specific videos
  • Adaptive streaming
  • Secure Video Encryption and Privacy (never known to us)
  • ZRTP Protocol negotiates a key between two VoIP end points

As with voice calls, a new key is generated every time a connection is made, which further protects the security and integrity of the data. This means that if an encryption key from a previous call was discovered – subsequent calls would not be compromised.

Video Encryption Interoperability Standards

Video codec specifications include:

  • VP8 (WebM), H263, H263-1998, MPEG-4, Theora and H264
  • Resolutions from QCIF (176 × 144) to SVGA (800 × 600)

Pryvate™ Encrypted Instant Message (IM)

Off-The-Record (OTR) messaging is a cryptographic protocol designed to provide encryption for IM conversations. It ensures that messages do not have digital signatures and therefore cannot be monitored.

Secure IM Encryption from Pryvate™ s

  • Auto encrypted single/unique single session
  • 3G and 4G, EDGE, GPRS, LTE, UMTS, HSPA, W-CDMA and Wi-Fi
  • Peer to Peer – with no servers in the middle
  • No records of any messages or conversations are stored
  • AES symmetric-key, Diffie-Hellman and SHA-1 hash algorithms
  • User sessions are automatically deleted after a session is terminated

The application operates in standard unencrypted mode for normal conversations. If a secure conversation is required, the user activates secure mode, which initiates an authentication phase. This allows the user to verify the identity of the other party through a pre-arranged password, question and answer combination or fingerprint. Once authenticated, the application generates short-lived, session-based encryption keys – providing secure communications and perfect forward security. This ensures that the discovery of a past key does not compromise the security of future sessions. During secure IM conversations, digital signatures are removed and logging is disabled to ensure deniability.

Notification of Screenshots

An innovative security feature of Pryvate’s service detects when a screenshot is taken from within the Pryvate App. When this happens, the App automatically notifies the sender that the recipient is making a record of confidential information.

Pryvate™ Encrypted Instant Message

The number of potential hackers and government agencies that may be monitoring your online conversations, including your instant messages has never been higher. If you’re using an open wireless connection, there are numerous free software packages that can intercept unencrypted Instant Messaging (IM) communications. Even password protected wireless networks leave you vulnerable to monitoring from your broadband or software providers. It is therefore essential that you consider your online security when it comes to instant messaging – whether you use it for personal or business purposes.

What is IM Encryption?

Off-The-Record (OTR) messaging is a cryptographic protocol, designed to provide encryption for instant messaging conversations. It ensures the messages in an IM conversation do not have digital signatures and therefore cannot be monitored.

Secure IM Encryption from Pryvate™

The Pryvate™ IM encryption software enables all of your instant messages to be secured, encrypted and completely private by automatically creating encryption keys on your smartphone for that individual message’s use. It is compatible with Internet connections using 3G/4G, EDGE, GPRS, LTE, UMTS, HSPA, W-CDMA and WIFI and it works on a peer-to-peer basis with no servers in the middle – this results in no record of any message or conversation being stored.
The application operates in standard unencrypted mode for normal conversations. If a secure conversation is required, the user activates secure mode which initiates an authentication phase, allowing the user to verify the identity of the other party through a pre-arranged password, question/answer combination or manual fingerprint verification. Once authenticated, the application generates short lived session based encryption keys, providing secure communications and perfect forward security. During secure IM conversations, digital signatures are removed and logging disabled ensuring deniability.
To ensure complete privacy, Pryvate™ uses a combination of AES symmetric-key, Diffie-Hellman and SHA-1 hash algorithms. Additionally, user sessions are automatically deleted immediately once the session is terminated. There are no records of any IM conversation, resulting in your personal and business IM communications being completely secure.

Pryvate™ Encrypted Email

Email encryption software is intended to eliminate the risks posed by network eavesdroppers. In general, email communications are passed through the ether using unprotected protocols such as SSL/TSL. The emails are therefore transmitted in plain text across local networks and the internet. As a result, email messages and their attachments can be intercepted and read by those wishing to attack users maliciously or monitor their messages. It is not just potentially sensitive information that is at risk (such as bank details, log-in credentials, and so on). Hackers, who gain access to email messages, can access content from users and their contacts – or even hijack their entire email account.

  • Securely designate any or all of users current email addresses and services
  • Agnostic platform; Android to IOS or vice versa Easy to maintain for IT staff, as users can keep existing technology and procedures. There is no need for re-training on new platforms.
  • 3G, EDGE, GPRS, UMTS, HSPA, W-CDMA, & Wi-Fi connections
  • Encryption keys are automatically created on users smartphones for each individual email – with the associated single-session keys never stored or known to Pryvate™

This not a mail client. It contains only the protection mechanism required to make a user’s emails secure. What it does is assure users that no unsecured data will ever remain or leave the device and that encryption data will be stored separately on Pryvate’s servers. By separating the encryption and the key, we have built in an added layer of security and removed the need for users to input additional SMTP/POP3 settings when setting up their client.

Pryvate™ Email Encryption – Technology Specifics

We have built in a layer of security that goes beyond that proposed by the British Standards Institute.

  • All communication between a user’s app and the server is fully encrypted, TLS-based or RSA4096-protected Key material that is encrypted for sending to the server in-device is done by using the public key of an RSA4096 key pair The connection between app and server is therefore considered unbreakable using current techniques and technology.
  • The return communication to the app from the server is protected by the AES 256-bit key that is sent to the server (RSA4096) and can be read only by the server
  • Newly generated key for each communication session, which is never stored TLS-certificated secure link – which adds to the security, helps avoid ‘man-in-the-middle’ attacks and is in accordance with BSI TR-03145
  • Pryvate™ only uses true and tested public algorithms (RSA4096 and AES256) in international implementations with NO backdoors. This is a requirement of BSI TR-03116-4. Additionally, all DNS requests are routed through our servers and are compliant with DNSSEC.
  • Once the message is encrypted and encapsulated in the .pry attachment it is sent directly to the user’s current mail client on their device (hopefully this is a DANE compliant mail transport). Because we have no control over the user’s choice of email client, we make the data as secure as possible – which is why we separate the key material from the data.
  • We comply with Datenschutzanforderungen (BDSG) and Richlinie BSI TR-03108, which makes our product one of the few software tools that are above the level of security highlighted in Sicherheitskonzept TKG- ISO27001.

Pryvate™ Secure File Transfer & Storage

  • Eliminates the risk that any files transferred will be intercepted whilst in transit.
  • Send/store files and data – protected by military-grade encryption – from a personal device via email or by using file
  • sharing programs such as Dropbox, One Drive, or Box
  • Secure file transfers can be stored without being sent.
  • Encrypted form on a mobile device or on media storage, such as: CDs, DVDs and USB flash drives.
  • Decryption key is never located on the same device or file location. If a user’s data is stolen, the files and data remain secure.
  • Without the need to ‘send’ files to ensure their encryption, secure file transfers can be made via the “SCP” with no limit on file size (as normally experienced with email)
  • Decryption is accomplished using the same method as encryption
  • No extra software is required.
  • Key material cannot be compromised, as it never resides with the encrypted file. Our file storage component also works when a user wants to encrypt a very large file and have it handed to a third party on a storage device. The “SCP” automatically encrypts a user’s files and stores it within the inbox of the App. When the recipient (the third party, for example) has the file, they simply click the .pry message and it opens securely
image

Pryvate™ Secure File Transfer

If you are after the peace of mind that your important files will be able to be safely transferred without of the worry of them being intercepted by someone else, Pryvate™ has the ideal solution for you. Pryvate™ secure file transfer will allow you to transfer your private files or data securely using military grade encryption. You will be able to safely transfer your data from your personal device, via email or by utilising file sharing programmes such as Dropbox, One Drive, or BOX securely. Your secure file transfer will be free from prying eyes, competition, hackers and more when you use Pryvate™.

What Makes Pryvate™ So Secure?

The Pryvate™ platform allows for secure file transfers to be stored without being “sent”. Files can be stored in an encrypted format on the device, on CD/DVD or USB storage device. The decryption key is never located on the device or file location. This will ensure that if you should you lose or have your device stolen; the culprit will not be able to break into your files. Without the need to ‘send’ files to ensure secure encryption, secure file transfers can be made via the Pryvate™ app, resulting in no limitations in terms of file size as you would experience with email. The same method for encryption is used for decryption and no extra software is required. The key material can’t be compromised as it never resides with the encrypted file.

The file storage component of Pryvate™ also works when you want to encrypt a big file and have it delivered to a third party by means of CD/DVD/USB storage device. The Pryvate™ app will automatically encrypt your file and store it in the inbox of the app instead of sending via email. When the recipient has the file on their device, they simply click the .pry message and the app works its magic. File transfers are now made securely, privately and protected.

Combine this with disk encryption to have a fully safe and fool-proof system of safeguarding privacy and security for confidential or sensitive information. Whether you keep a stock of private images/videos that nobody should know about, or whether you carry around the design plans for a nuclear fusion reactor… with this system they are always available for you and kept from prying eyes.

Pryvate™ Secure File Storage

As part of the secure file transfer process, Pryvate™ secure file storage can protect your personal or corporate files utilising secure military grade encryption. Whether you are storing your files on a device, PC, laptop or using a file share programme such as Dropbox or BOX, Pryvate™ will ensure that your files are encrypted and safe from any potential hackers, corporate espionage or the competition.

Encrypted files are stored without being ‘sent’ as with traditional email. The Pryvate™ application allows the encrypted files to be securely stored on your device. They can also be stored securely on external devices such as CD/DVD’s or USB devices. The decryption key is never located on the device/location therefore your securely stored files are safe. If your device should be lost or stolen you can feel confident that your files cannot be compromised.

Pin Encrypted Mobile Protection

Pryvate™ is a user-friendly APP that once installed, will revolutionise your communications!
We have taken steps to secure every aspect of the app and added best-of-breed security to each element. As voice and video share the same root, we have treated them equally in our platform and have also added secure protection for instant messaging.

With our triple layered secure voice component, users experience quality voice and video communications, incorporating RSA4096 encryption intermingled with AES and DH key exchange as a MiM flag.

In addition to this, our secure communications platform also has an integrated encrypted email component. The component mail is not a mail client at all, as it only contains the protection mechanism required to make your email safe and secure. No unsecured data will ever leave the device, but encryption data will be stored separately with Pryvate™. By separating the two elements, we have built in an added layer of security. This results in no need for users to input additional SMTP/POP3 settings when setting up their email client.

Additionally, we have an extra layer of security. To protect access to our App there is a PIN that acts as an extra activation code – making eavesdropping impossible.

Multiple Account Management

It is standard practice in most businesses for employees not to be allowed to manage their own email accounts. The installation and activation of all corporate software is invariably handled by security officers, IT staff or line managers. This has the unfortunate consequence that central departments often find it difficult to keep track of the state of their network. So, to enable greater network transparency we have built a management dashboard that allows authorised employees to see:

  • Which accounts are active
  • How many licences are being used or are still available
  • The associated costs

This results in greater security for an organisation, as well as better ease of use for the HR, IT departments and any other authorised personal.

The activation element of the software makes it user-friendly and easy to add new employees to the network. At Pryvate, we can import lists of employees and activate or deactivate accounts or this can be left to an HR department (which usually has the most up-to-date records), IT or security officers – depending on a user’s corporate policy.

Multiple Account Management is particularly valuable once more than 50 people are using our software – although many clients with fewer staff still use it because of its flexibility, transparency and improved security.

Pryvate™ Encrypted Web Browsing (Coming soon)

Feel confident when sharing personal information or banking online with Private’s™ proprietary web browser.

Pryvate™ encrypted web browsing offers secure, private web browsing for you, your family and the people who work with you through our bespoke web browser, which has been built with end-to-end implementation of anti-traffic analysis measures. Our secure browser will disguise your IP address which can often be tracked by criminals to locate your residential address.

From the provision of a basic proxy service, right through to using the Private™ network with full HD video, you can rest assured that no individual relay will ever be able to decipher the complete path that any particular data packet has taken. Our secure browser will use random pathways through several internet relays to obscure your location and a compromised relay cannot use traffic analysis to link the connection’s source and destination.

image

Pryvate Key Technical Data

Pryvate™ uses ZRTP encryption for both Voice and IM. The subscribers’ handsets negotiate the encryption keys between themselves so the key is never known to us. A new key is generated for each call or IM session, enforcing perfect forward secrecy. This means that if an encryption key is discovered for a previous call or IM session, any subsequent communications are not compromised.

For our secure email transfer and storage solution, the subscriber’s private email key is stored on the device and protected by a personal password which is never divulged to Pryvate™.

In regions where VoIP calls and IM are blocked by operators or governments, the system will automatically detect the situation and utilise the secure, encrypted and private network provided by our software.

In regions where anti-blocking technology may be a concern, our software will present the host with Pryvate’s™ public IP address so that the remote host does not detect the subscriber’s actual IP address. This then prevents the host from determining the subscriber’s location.

All aspects of security are considered when you use Pryvate™.

Pryvate Backend Services

Pryvate’s™ default method of key management ensures privacy for our subscribers as neither us nor any associated parties have any access to the end user’s private keys. This prevents Pryvate™ or any associated party from being a target for any information related to the user’s private keys. The voice and IM keys are generated per session by the Pryvate™ application on the user’s device and are discarded at the end of the session. The email application private keys are held on the device.

Pryvate Anti-Blocking

Pryvate™ has developed a VoIP anti-blocking solution for users who wish to bypass illegitimate firewall restrictions on 3G networks.


Numerous Countries block voice-over-internet protocol (VoIP) calls as they are seen as a:

  • Drain on the revenue of their telecommunications companies
  • Way of evading the control of governments and their security services
  • Setup statistic collection system for every call made through the app.

When making a call, a ‘session initiation protocol’ (SIP), is used to allow two endpoints to shake hands – then a ‘real-time transport protocol’ (RTP) carries the traffic. Our system works in real time by ‘tunneling’ the SIP and RTP traffic into a single encrypted HTTPS connection, using flexible virtual tunneling architectures to achieve seamless voice and video calls.

We utilize a ‘tunnel client library’ that is integrated into the user’s Apple or Android device and a tunnel server that is deployed inside Pryvate’s network infrastructure. The tunnel server uses the data of each secure connection to recreate the SIP and RTP traffic from the client’s smartphone.

images

Its principle is tunneling all SIP and RTP traffic through a single secure https connection up to a detunnelizer server. Our solution comprises:

We tunnel all SIP and RTP traffic through a single, secure https connection up to a detunneliser server. Our solution comprises:

  • A tunnel client library integrated into the Pryvate client for iPhone or Android
  • A tunnel server is deployed inside our network infrastructure
  • The tunnel server re-creates the SIP and RTP traffic from the data of each secure connection to the clients
  • Our client and server software is optimized to minimize latency inherent in TCP encapsulation of VoIP traffic.

It is not just a general purpose VPN.

Pryvate Key Management

Pryvate’s™ front end applications will be supported by a backend registration service for voice and instant messaging, user presence and availability information. Key servers will be established for the email application, storing and synchronising keys within the PRYVATE / CRIPTYQUE Ltd network.

Anonymous browsing is achieved through a network of globally distributed servers that randomly route traffic through the network, between the user’s device and the destination internet site, anonymising the source address on each hop.

The backend services are supplied by CRIPTYQUE Limited’s server pools, which will initially be a single site service that will be expanded to a globally distributed service. The global service rollout will have no impact on the customer experience as the distribution of traffic to the various geographical services will be handled through DNS and will require no changes to the applications.

Initially the DNS services will be supplied through a third party, but an internal DNS service will be set up before switching all device traffic to the PRYVATE / CRIPTYQUE Ltd network. The decision to switch will be based upon the number of customers, the types of service in use and the cost and maintenance of a global server network to service the customer base.