• Welcome to the Evolution

    EncroChat proudly releases the new standard for privacy.

  • Total Security Solution

    Package includes specially engineered end user device and software coupled with a secure infrastructure.
  • Encryption. Secrecy. Reputability. Deniability.

    Leap beyond the current 'Pretty Good Privacy' standard.
  • 1
  • 2
  • 3
English Dutch French German Russian Spanish Turkish

EncroChat Features EncroChat develops the next level of worry free secure communications.

 

Guarantee Anonymity

No way to associate device or SIM card to customer account.

 

Customized Android Platform

Fully encrypted from power on. Focus on security and privacy. Simplified user settings.

 

Dual Operating System (OS)

Subscribers can now launch either a standard Android OS or the EncroChat OS. Two distinctive Operating Systems packaged with each device.

 

Over-the-Air (OTA) Service

Enhancements, patches, and features can be securely added directly to the Android Operating system of a subscriber device.

 

Industry Leading Hardware

Specially tailored to harden security. Removal of camera, microphone, GPS, and USB data port.

 

Global Service

Quad-band GSM, UMTS and CDMA all supported. Unlimited international SIM included +120 countries.

 

Field Factory Restore

A user can now securely wipe subscriber device and rebuild it in the field.

EncroChat Messaging Protocol

The electronic equivalent of a regular conversation between two people in an empty room.

image

Hardware Cryptographic Engine (FIPS 140-2 certified)

An EncroChat device can not be brute forced to mount the encrypted data partition. We generate an RSA public/private keypair with which the public key portion is combined with your disk encryption passphrase. Without the private key, which is in a hardware backed keystore, you can't mount the encrypted data partition.

 

Simplified Verification

Using our Notary verification process vastly simplifies the complexities of encryption for end users

 

Messages that Self-Destruct

With our advanced burn a user can force wipe their own messages from another user’s device using a timer countdown.

 

Panic Wipe

From screen lock a user can type in a PIN and instantly wipe device’s data.

 

Password Wipe

After a set amount of password attempts on device all data is wiped.

 

Secure Boot

Upon boot, the device internally checks itself to ensure no one has tampered with the system files.

 

Tamper Proofing

Attack surfaces such as ADB connectivity and recovery mode have been removed..

 

Updates & Live Support

Frequent application updates direct. Includes live support.

 
 
 

EncroChat Platform Components 

 

 EncroChat

Our flagship product. It is a user-friendly secure instant messaging client designed for mobile environments. Security is guaranteed using our EncroChat Messaging Protocol.  This is an end-to-end encryption messaging protocol which provides excellent forward and future secrecy properties for symmetric-key updating, along with improved deniability guarantees over the OTR protocol and its variants. We have also vastly simplified user verification to remove the complexities of encryption for end users.  
 

 EncroTalk

Encrypts all Voice over IP (VoIP) conversations using the ZRTP protocol and transmits them over a closed loop network. A subscriber can send an invite request to another user on our network and, if accepted, can contact them almost anywhere an Encrotalk user resides. We currently have users speaking globally to one another in countries like Australia or China talking securely and crystal clear to subscribers in Canada or South America.
 

 EncroNotes 

You can safely encrypt your notes which are stored locally on your device in an encrypted database with its own passphrase contained within an encrypted partition. It is optional to backup your notes and contacts to our EncroChat secure data center. To restore your EncroNotes, we use two factor authentication - the IMEI of your device and your EncroNotes passphrase.
 

 EncroStatus

Gives users information about their SIM card, notifications about renewals, remaining subscription time and VOIP time.

 

 Push

After a year of planning, coding and testing, EncroChat secure chat messages are now pushed to the user as soon as they are received by the messaging service. The sender initiates the data transfer rather than the recipient. Our former infrastructure was based on the more standard, but inefficient, pull model where receipients would constantly request any new information be sent. EncroChat now deploys numerous distributed server endpoints globally. These new push server endpoints contain no metadata or information of our subscribers. Our push infrastructure is designed to be more resistant to network interruptions and attacks so subscribers will have a noticeably more stable connection worldwide.

 

 PGP

This product was added to our EncroChat suite to allow clients to transition their users from PGP to EncroChat secure instant messaging. Allows subscribers to carry a single device and move away from the stigma that a blackberry device creates out in public. Ours is the only Android PGP client that builds the private/public key pair locally on subscriber device and is compatible with PGP Universal server without using any RIM infrastructure; specifically, no Blackberry Enterprise Server (BES), no PGP Universal Server, and no Microsoft Exchange Server. None of our subscribers PGP messages go through the RIM infrastructure.

 

 Support Client 

Users can send messages about any support issues or questions through a separate communciations path.

Posted: May 9, 2016

Subject: Links to articles pertaining to security of BlackBerry PGP marketplace.

We have had many requests for a collection of pertinent articles regarding the state of the security of the Blackberry PGP market. Several links to articles from news sites are listed below and we will continue to add to this repository as time goes on.

List of links

(click any below and will take you to original article)

September 15, 2016 - CDN judge releases 20,000 Blackberry subscribers data to Dutch crime probe  *** Former Ennetcom subscribers (and any third party PGP server that ever sent them a message) be aware the server data was seized and private keys on the server would allow wholesale reading of messages ***

June 9, 2016 - Blackberry taps user messages   **** Please READ ****

April 25, 2016 - Decrypted PGP Blackberry messages helped convict UK gun smugglers

April 19, 2016 - http://nos.nl/artikel/2100184-politie-haalt-versleuteld-netwerk-criminelen-offline.html

April 15, 2016 - Saint John drug network fooled by compromised police PGP Berries  *** NEW ***

April 14, 2016 - Exclusive: Canada police obtained blackberrys global decryption key

March 8, 2016 - http://www.parool.nl/amsterdam/experts-kraken-smartphone-van-de-onderwereld~a4259088/

January 13, 2016 - Police say they can crack Blackberry PGP encrypted email

January 12, 2016 - Canadian cops can decrypt PGP Blackberrys too

January 11, 2016 - Cops say they can access encrypted emails on so called PGP Blackberrys

December 27, 2015 - http://www.misdaadnieuws.com/om-00034.html

December 24, 2015 - http://www.misdaadjournalist.nl/2015/12/hoe-onkraakbaar-is-pgp-pretty-good-privacy-een-boeiend-dossiertje/#more-34285

December 22, 2015 - http://www.misdaadnieuws.com/rechtspraak-00033.html

December 21, 2015 - http://www.misdaadnieuws.com/amsterdam-00053.html

December 15, 2015 - http://blogs.blackberry.com/2015/12/the-encryption-debate-a-way-forward/

June 22, 2015 - https://www.canlii.org/en/bc/bcsc/doc/2015/2015bcsc1073/2015bcsc1073.html?resultIndex=1

Posted: April 6, 2016

Subject: Wi-Fi vs Cellular Network Debate

Before we begin, both type of networks are secured from eavesdroppers as we fully encrypt our communications end-to-end within our applications; specifically Triple Elliptical Curve Diffie-Hellman Ephemeral 25519 (ECDHE) key exchange with AES 256 cipher in CTR mode and HMAC-SHA256. Our EncroChat platform is further protected by deploying X.509 certificates in conjunction with Transport Layer Security (TLS) protocol on both our clients and servers. This verifies that the services our client devices are attaching to are indeed who they are supposed to be and is designed to prevent eavesdropping and tampering. We also do not rely on any third party Certificate Authority (CA) to validate our X.509 certificates (rather EncroChat is its own private CA); so there is no chance of an outside agency corrupting the certificate process. As additional steps, in our EncroChat application you can personally verify the remote user you are communicating with is indeed who you are talking to and that there is no man-in-the-middle (MITM) attack in progress.  This is a situation where an attacker secretly relays and possibly alters the communications between two parties who believe they are communicating directly with one another.

In a nutshell, we regard both Wi-Fi and the Cellular networks as hostile and do not trust either communication method to not be completely compromised when using (in fact we assume so). However, there are still some advantages in using one network over the other (especially with regards to tracking). 

a) A Wi-Fi modem utilizes much less power than cellular modems; therefore, less range. A standard smartphone will average around 32mW (15dBm) with a range of about 100M.  A cellular modem can transmit as much as 2000mW and its range is about 35kms.  If someone is tracking you, it is much more difficult with Wi-Fi versus the cellular network due to the much weaker signal.

b) Both Wi-Fi and cellular data modems transmit unique identifiers to their respective networks.  Wi-Fi transmits a MAC address to the Wi-Fi router and the cellular modem transmits an IMEI and IMSI to the cellular tower. It is not legal to change an IMEI and it is usually "burned" to the phone so you can always be tracked by the cellular carrier.  With Wi-Fi you can change the MAC address legally and as often as desired; thereby effectively rendering you invisible. EncroChat recently implemented random MAC address and random hostname functionality into our operating system through an over-the-air (OTA) update.

c) Wi-Fi networks are heterogeneous networks and cellular networks are homogenous.  Wi-Fi networks are a hodgepodge of many varied devices, with no central control, and no licensing is required as they are public spectrum environments.  The cellular network is licensed and controlled by a handful of entities all government regulated. They are required to provide government agencies with access to subscriber information, including location and metadata upon request. Most, including ourselves, believe government agencies have unfettered access to these networks.

d) Wi-Fi devices generally are assigned private IP addresses when connecting to Wi-Fi routers and are NAT'd (network address translation) to a single public IP address when communicating with the Internet.  Someone attempting to track a subscriber on the Internet can only trace back to the Wi-Fi router.  In a large area, with several people all linked to the same Wi-Fi router, it becomes very difficult to locate the exact device transmitting.  With cellular networks, the IP address assigned to each subscribing client can be tracked to the exact physical device quite easily as the IP address is linked to the IMEI and IMSI.  Using the cellular network, they can triangulate location and even change the power settings on the subscriber cellular modem to help them geographically isolate the device to within a few meters.

e) Wi-Fi routers generally employ Wi-Fi Protected Access II (WPA2) for encryption which has its own fairly decent security for transmitting data to the Wi-Fi router.  With cellular modems, it was discovered that the largest SIM card manufacturer was hacked by US and British spy agencies.  All data transmitted from client devices was open to them since at least 2010.

Originally Posted: March 28, 2016

Addendum: March 31, 2016

Update to fake blog post (original response starts at header Subject below):

Will do this is bullet form as not going to give fake “security researcher” any more space than necessary.

  • Not identifying yourself or your company due to in-fighting.  Lame excuse.  There are lots of credible security consultants and researchers and ALL stand behind what they write.  Hiding anonymously gives you zero credibility. 
  • Just because you type the word TRUE with no explanation as to why it is TRUE after we explain each one of your nonsense points as FALSE, again makes you a joke.
  • You again state your explanation from Cellebrite is true although it certainly isn’t.  Please explain to an end user how they would contact an organization that will not discuss any of their findings publically to anyone, especially make believe people such as yourself whose only writings in the entire world consist of articles attacking EncroChat.
  • In fact we are not owned by a company in Canada.  Not that it matters as we have nothing against Canadians.  Our resellers and many of our subscribers have actually met us face to face. Clearly you are neither and have nothing to offer except complete misinformation about us.
  • Oh and I do like my blog post mostly because it contains actual technical facts, not made up lies and nonsense.  You want to believe the world is flat go to town.  I prefer to believe 1+1=”2” not “lamp” as you do.
  • Love your comment that the evidence is not what it is about.  Wow, really?  So it isn’t about proving your point, but just slandering without any fact?  You say you are protecting the users with your technical expertise, which we have to say in all honestly you don’t have as stringing technical terms together doesn’t count.
  • As obviously this article is simply baiting people and we are forced to respond as you spread your nonsense through PGP messages to subscribers we have this proposal:  We will meet you at a designated place where you will demonstrate your “evidence."  We know you won’t because there isn't any.  But hey, you can respond now all you want and you have zero credibility. At least what we write we stand behind, which is why we post on our corporate website (not on an anonymous blog).  Oh and because we actually are real and exist we will come out and meet anyone to discuss our product.  We aren't hiding anywhere.
  • Parting shot: Your blog we don’t take with seriousness.  You are missing the point.  We are not laughing with, but AT you. See if you can figure out the difference.

 

Subject: The saga continues Part II titled: lies, lies, lies and using fake blogs to slander.

Sigh, woke up today with users sending me a link to a throwaway blog site where a fake user account has posted slanderous articles about EncroChat. Normally, would just laugh it off. I mean the Internet is a place where anyone can write anything.  For instance, it became national news when a rapper said the earth was flat and that spiraled into a big debate. Sheesh. So will respond to satisfy everyone that all is good with EncroChat and also poke fun at anonymous blogs.  

Anyways I digress. Let’s look at this first blog entry posted saying there is evidence we are working with NSA and other authorities.  First, cool that someone learned photoshop well enough to make an image of one of our devices near the NSA logo.  Good job.  Already frightened.  Blog entry purports to have some sort of whistleblower and that EncroChat is owned by “Super Lock Tight.”  Ummm, who the heck is that?  Apparently one of the largest PGP providers in Canada and that they have been working with NSA and FBI due to warrants issued.  Really, for such a large company, don’t even know who Super Lock Tight is.  Goes on to say a guy named Jeff owns EncroChat and he gave authorities access to servers.  Huh?  Never heard of him either.  Oh and that authorities were able to pull private PGP keys and stored messages from OTR accounts, blah blah.  Well first, we have no private PGP keys on our servers for our transitional PGP application. PGP public/private key is generated using our PGP client on the EncroChat subscriber device and the private key NEVER leaves the device. To boot we don’t use Off-The-Record (OTR).  PGP resellers who compete with us keep saying this.  So once and for all guys, we don’t. We are a derivative of OTR (we like the concept of OTR, but have numerous issues with the specific protocol so we vastly improved it).  Also, using EncroChat, our subscribers negotiate their own keys directly with each other and those keys are constantly changing every single message. 

So in looking over the rest of this blog entry, I’m amazed at the utter lack of truth.  Let’s start with the Super Lock Tight angle again.  EncroChat has no PGP core base.  We started as EncroChat, not as Super Lock Tight (can’t find anyone who knows who this is even supposed to be).  PGP resellers blocking us because of this, is amusing. The only reason we are being blocked by PGP resellers and their group of domains is financial. They are losing way too many customers to our EncroChat platform, as their platform has been proven unsecure and exposed by actual real reporters and technical professionals from recognized media outlets (reported without our help I might add).   

The blog entry muddles around trying to compare the EncroChat dual OS to Blackphone dual profiles, so somehow they are then the same and therefore we are susceptible to malware and keyloggers. The blog entry states how could EncroChat possibly do two operating systems and not do something wrong?  Wow. Well first, it is two separate operating systems, which means one does not see the other or even knows it exists (same as having two physical devices).  An infection of the standard Android OS does not infect the secured EncroChat operating system.  They are two different platforms, which is why you need to reboot to access either of them.  Comparing this to profile switching is just silly.  Totally different premise. Oh, and if this "security reseacher" had bothered to look at the standard Android operating system we provide, they would see that it itself is secured.

Then this blog entry goes on about Wi-Fi having some backdoor and the CIA using FinFisher can access the device and send screen shots.  What? What convoluted nonsense.  I will post a separate blog article on Wi-Fi vs Cellular network (SIM) later explaining that while both WI-FI and Cellular are both hostile environments, Wi-Fi is actually preferable.  FinFisher is not a Wi-Fi exploit and the CIA can’t just head on into your phone through WI-FI. Just complete fabrication.

Next, the blog entry purports to have tested EncroChat with their own forensic team.  That EncroChat cannot back its security claims.  That Cellebrite has commented on EncroChat and admitted to cracking it. Yeah, right more outright fabrications. All I have to say here is put up or shut up. Spreading lies and misinformation is pathetic. If you had anything, anything at all you would prove it. Making up quotes and lies is a bitch move.  Grow up. Guess you really think subscribers will swallow any nonsense you make up.  Why not tell us the world is flat while you are at it?

Next:

Second blog entry from same fake account stating weak PGP encryption and no security. 

As my response is getting long, will try to tighten this up.  I will just respond to each false statement in blog in simple terms as it tries to baffle users with technical jargon (hey, lot of technical terms, must be true….)

  1. We leak private IP address every time you send a PGP email so you can be tracked to your device.  Sigh.  Private IP addresses are non-routable on the Internet.  They are designed so private networks can use blocks of IP addresses that cannot be routed on the public Internet (i.e. tracked).  This is the very definition of a private IP address.  There are literally tens of millions of computers using the exact same private ip address space.  FALSE
  2. We are vulnerable to Heartbleed bug.  This is stated so a user can type it in a Google search and find that such a thing exists.  We are not susceptible to it. FALSE
  3. We are using self-signed certs. 100% we are. Snake oil? Really?  So the blog entry purports that it is better to go to a Certificate Authority (CA) and get a certificate. You know the ones that government agencies either subvert or hack to get a certificate so they can gain a foothold into your computer, smartphone, etceteras.  We don’t accept ANY certificate authority on our platform, except our own which we pin on all our apps so no-one can pretend to be EncroChat or any of the 211+ certificate authorities out there. True that we use self-signed certs. Argument is FALSE (and quite ignorant to boot).
  4. We use weak Diffie-Hellman keys (1024).  This just sounds good as users are like what the heck is Diffie Hellman? Sounds bad if they are using 1024 keys.  Diffie-Hellman Key Exchange establishes a shared secret between two parties that can be used for secret communication for exchanging data over a public network. EncroChat uses Triple Elliptical Curve Diffie-Hellman Ephemeral 25519 (ECDHE) key exchange which provides both forward and future secrecy.  Claim is again FALSE

Lastly, nice try you cost me some valuable time today responding to utter nonsense. Piece of advice, whoever is writing your blog entries is the technical equivalent of a dumbass.

Posted: January 20, 2016 
Subject: The BlackBerry Memory Cleaner
 
Preamble: In answer to the storm of criticism from subscribers about the recent revelations that seized Blackberry devices are exposing deleted encrypted PGP email messages, many PGP Blackberry resellers are telling their subscribers the Blackberry smartphone memory cleaner solves this issue.  Does that actually work?
 
Our Response:  In short, no. 
 
First, let’s examine the different types of memory that can be present on a Blackberry.
 
  • Application memory  contains running applications, the Java Virtual Machine (JVM), and currently accessed files in Random Access Memory (RAM).  Also referred to as flash memory or onboard memory.

  • Built in media storage is the embedded multimedia card (eMMC).  Not removable. It is also referred to as internal media memory and on-board device memory.  Essentially, stores data like PGP encrypted email messages, pictures, video, etcetera.

  • External media card storage is an optional and removable microSD card. This will not be discussed further as none of the Blackberry devices we are referencing should be using it.

As per a Blackberry knowledge base article, the memory cleaner just performs the function of secure garbage collection and clearing caches.  So items like temporary key store, cached data like address books, unencrypted email messages contained in flash memory or RAM are securely overwritten. 

In our research, it does not mention anything about securely deleting data on built in media storage (eMMC). In fact, the specification for eMMC does not address a method of securely deleting data until version 4.4 (deprecated in version 4.5).  The Blackberry memory cleaner does not employ a secure file delete or sanitize method of the eMMC storage. This explains why it has no effect on preventing data recovery of deleted encrypted PGP messages.

Check out NEWS for latest on EncroChat updates.  Check out BLOG for update on Ennetcom seizure      September 17, 2016