The next frontier in the fight to regain privacy online is about the security of data at rest. End-to-end encryption does a great job at securing communications, but contemporary attacks find ways around it by targeting unencrypted app databases and storages. This is why we created Secure Vault – an encrypted container app to store all your notes and files.
What most hacking attacks nowadays have in common is that they do not bother with breaking encryption. Protocols such as PGP, OTR, OMEMO, and ZRTP provide sufficient security for communications. However, they can be bypassed by infecting a user’s device with malware and mining data – including messages and files – from the apps before it gets encrypted.
Why we created Secure Vault?
To address the abovementioned challenge, Secure Group designed the Secure Email and Secure Chat apps to store everything in their own encrypted databases that are inaccessible to other apps (including malware). While this does guarantee the security of the stored messages and files, it creates a slight inconvenience for users. For example, they cannot use Secure Chat to open and send a file that they have received as an attachment in Secure Email.
Secure Vault solves this issue by creating a single encrypted container, where users can store all their files and messages and then access them from any app they choose. You can think of it as the encrypted equivalent of the shared media folder found on every regular Android device. After all, we at Secure Group believe that security should not come at the expense of users' convenience.
How does Secure Vault work?
When Secure Vault is not in use, all information stored in its container is encrypted. The app uses AES XTS encryption with SHA-512 hashing (but is also compatible with TrueCrypt or VeraCrypt). When a user wants to use the files and notes stored within the app, they have to first decrypt the database. This happens by filling in a previously determined Security Lock – which could be a PIN or a password of the user’s choosing.
When a user leaves the app, it automatically encrypts everything again. This way all data stored in Secure Vault is decrypted only while a user is actively using the app. In all other instances, it remains locked to any attacker, malware or spyware trying to access the data.
Secure Vault allows you to do the following:
- Store files received in Secure Chat. Every picture or video file you receive as an attachment in a chat with your contacts can also be stored safely in Secure Vault.
- Send files stored in Secure Vault as chat messages. You can also open the container (after filling in the Security Lock) from Secure Chat and attach to a message any of the files stored in Secure Vault.
- Save chat messages in Secure Vault. After long-tapping a chat message in a Secure Chat conversation, you can choose to save it as a .txt file in Secure Vault.
- Create encrypted notes. Secure Vault is also an encrypted notepad, which saves all notes within the app’s container as .txt files.
For now, Secure Vault is fully integrated with Secure Chat. Integration with Secure Email will follow soon. The app will eventually be compatible with third-party software as well.
Secure Vault is currently available on SAS for Secure Phone users.