Security is for Everyone
Whether personal or business, your conversations and data are private by design. You are in charge, always.
Wickr employs multiple layers of encryption to secure your data and messages, both at rest and in transit, including:
- Wickr username, application ID and device ID are cryptographically hashed with multiple rounds of salted SHA256.
- Data at rest and in transit is encrypted with AES256.
- As part of Perfect Forward Secrecy, each message has a new encryption key that is deleted as soon as message is decrypted.
- Message encryption keys are encrypted with a key produced using ECDHE.
- Messages are bound to both the receiver’s application and device.
- No password or password hashes ever leave user device.
- All user content is forensically wiped from the device after it expires.
- Your UDID (Unique Device Identifier) is never uploaded to our servers so you are always anonymous to us.
Securely Connecting the World
Content is encrypted locally on user devices and is only accessible to intended recipients. Wickr never has the decryption keys.
No conversation lives beyond its useful life – you decide when your content gets automatically deleted for good.
Perfect Forward & Backward Secrecy
Every message, file and call is encrypted with a new random key. As of now, breaking just one key would take trillions of years to decipher.
Even in the case of a breach, Wickr servers have no user communications - they are undecipherable in transit and deleted upon delivery.
User Key Verification
After exchanging keys with your contact, Wickr provides tools to help verify the identity of the person using the keys on the other side of your conversation.
Wickr enables your business to run your own private network. Control and centrally manage security policies for your users.
Users within one Wickr network can communicate with partners in other Wickr networks while still maintaining security and ephemerality controls.
Not only is your calling on Wickr end-to-end encrypted, it is also protected with forward security — whether 1:1, or in conference calls.
Premium data deserves premium security. That’s why we are committed to working with world-leading experts to thoroughly inspect our code.
Wickr’s messaging protocol is also available for public review.
“Aspect found no weaknesses in the latest version of Wickr software that would allow Wickr or a third party to gain access to unencrypted user messages.”
“Wickr met or exceeded the security score outlined in the Veracode Risk Adjusted Verification Methodology for an application at the high assurance level.”
“Rather than relying upon point-in-time security assessment, Wickr & NCC Group developed an iterative & transparent process that attests to Wickr’s commitment to protecting critical data & communications.”
SOC 2®. Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy.