Security is the #1 priority in every product design and feature decision we make.
State of the Art Cryptography
256-bit, authenticated end-to-end encryption. Content is encrypted locally on user devices and is only accessible to intended recipients. Wickr never has the decryption keys. FIPS-140-2 certified clients available.
Perfect Forward Secrecy & Post Compromise Security
Every message, file and call is encrypted with a new random key. As of now, breaking just one key would take trillions of years.
Zero Trust Platform Design
We believe the first rule of building a secure communication service is to ensure that the service provider can't access the communications. Even in the case of a breach, Wickr servers cannot leak user communications - they are undecipherable in transit and deleted upon delivery.
Ephemerality and Antiforensics
Message autodelete based on time sent and/or time read, digital shredder. No conversation lives beyond its useful life.
Advanced Security Features
Multifactor authentication, account takeover protection, device encryption at rest, client network traffic obfuscation, secure link previews, message revoke, user blocking, screenshot detection, overlay protection, and more privacy settings.
User Key Verification
After exchanging keys with your contact, Wickr provides tools to help verify the identity of the person using the keys on the other side of your conversation.
Constant bit rate VoIP, Scrypt-based password hashing, constant time hardened crypto implementation, security memory management and deletion, hardened binaries.
Premium data deserves premium security. That’s why we are committed to working with world-leading experts to thoroughly inspect our code.
Wickr’s messaging protocol is also available for public review.
“Aspect found no weaknesses in the latest version of Wickr software that would allow Wickr or a third party to gain access to unencrypted user messages.”
“Wickr met or exceeded the security score outlined in the Veracode Risk Adjusted Verification Methodology for an application at the high assurance level.”
“Rather than relying upon point-in-time security assessment, Wickr & NCC Group developed an iterative & transparent process that attests to Wickr’s commitment to protecting critical data & communications.”
SOC 2®. Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy.