How can we help you?

Frequently asked questions

General

  • Your messages are transferred securely as well as locally protected with Elliptic Curve Cryptography (ECC) based algorithms. They can only be read by you and the recipients you sent the messages to.
  • Each SafeSwiss user defines their own SafeSwiss ID and password. This is the only mandatory information required. A phone number or email address is not required to use SafeSwiss. This unique feature allows you to use SafeSwiss completely anonymously - unlike many other messaging apps
  • SafeSwiss uses state-of-the-art asymmetric cryptography based on Elliptic Curve Cryptography (ECC) in general and on the ‘Box’ model of the NaCl Networking and Cryptography Library; to protect (encrypt and authenticate) messages between sender and receiver, as well as the communication between the app and the servers. SafeSwiss encryption code is open to independent audits.


    There are two layers of encryption: end-to-end layer between the conversation participants, and an additional layer to protect against eavesdropping of the connection between the app and the servers. The latter is necessary to ensure that an adversary who captures network packets (e.g. on a public wireless network) cannot even learn who is logging in and who they are sending a message to.

  • The asymmetric keys used in SafeSwiss have a length of 256 bits, and their effective ECC strength is 255 bits.


    The shared secrets, which are used as symmetric keys for end-to-end message encryption (derived from the sender’s private key and the recipient’s public key using ECDH, and combined with a 192 bit nonce), have a length of 256 bits.


    The random symmetric keys used for media encryption are also 256 bits long.


    The message authentication code (MAC) that is added to each message to detect tampering and forgery has a length of 128 bits.

  • That is absolutely not possible. Our SafeSwiss servers merely facilitate a secure exchange between sender and recipient. At no time is unencrypted message content stored on any SafeSwiss server.
  • SafeSwiss servers are keeping registered SafeSwiss IDs as the only mandatory information. Any further data such as a user’s profile pictures, email address or phone number is optional and only used for synchronization purposes. However, during the synchronization process all provided email addresses and phone numbers from your address book are anonymized (hashed) before they reach SafeSwiss servers. Once the comparison is finished, all data is immediately deleted from the server.
  • SafeSwiss transmits encrypted data (text, voice, files, etc.) via the internet (through WiFi or mobile network provider). Thus aside from internet connectivity costs (depending on the mobile network provider), there are no other fees.
  • Absolutely, and in current versions for iOS, Android and PC platforms, there is no limit on the number of group members. New groups can be created by using the menu item 'New chat' - where group chat participants are selected from the list.
  • Unlike the majority of other messaging providers, your identity in SafeSwiss is not dependent on you providing a phone number or email address. Every SafeSwiss user can choose their own SafeSwiss ID (when creating a new SafeSwiss account). This unique ID is your address in SafeSwiss – making it possible to use SafeSwiss with complete anonymity, with the option of not disclosing any personal information.


    Your unique SafeSwiss ID is one of three key components that make up your identity in SafeSwiss. The other two components are a public key and a private key used for the encryption process. Your unique SafeSwiss ID is permanently tied to your public key. The public key is sent to our SafeSwiss secure servers to be distributed to your recipients, the private key remains securely stored on your device.

  • Messages and media files are stored fully end-to-end encrypted on SafeSwiss servers until they have been delivered successfully, or until 7 days have elapsed (whichever happens first).
  • Screenshots are disabled and cannot be captured on Android. SafeSwiss is currently working on alternatives for other platforms that will address this feature.
  • Our current freemium model will allow us to keep the SafeSwiss Private Messaging App entirely free. SafeSwiss will also introduce SafeSwiss premium and SafeSwiss business-plus versions - available as in-app purchases. These will provide video conferencing and the ability to encrypt and share very large files.

Security

    • High quality peer to peer encrypted voice calling
    • Encrypted voice messaging
    • Encrypted text chat
    • User defined self-destruction feature on both sender and recipient’s devices from one second to one year after transmission
    • Encrypted location share
    • Encrypted selfies
    • Encrypted share of pictures, videos, documents (up to 10MB)
    • Secure share of contacts to other SafeSwiss members
    • Secure group chat
  • SafeSwiss currently operates on mobile platforms Android and iOS and on PC platforms such as Windows and Mac OS.
  • SafeSwiss offers high quality encrypted voice calls that operate over a myriad of networks including WiFi, 3G, 4G, and 5G etc.
  • Yes, absolutely. Unlike most other messaging services, your identity in SafeSwiss is not tied to any specific phone number. You have the freedom to use SafeSwiss without any limitation on a device that does not have a SIM card.
  • All primary servers that are needed directly for the operation of SafeSwiss are located in secure facilities in Zurich, Switzerland; Switzerland has some of the world’s strictest privacy laws. Some auxiliary servers that only host public information, e.g. DNS servers, public websites or software download mirrors, may be hosted outside of Switzerland for capacity, latency and redundancy reasons.
  • As we don't have the secret keys of our users (your secret key never leaves your device), there is no possibility to disclose any user related information. Our servers do need to know who is sending a message to whom, so that they can route it to the correct recipient, but they do not log this information, and cannot decrypt the message's content. Any conversation, video message, text, or phone teleconference is encrypted from your device to the other party’s. We have no access to it, so we can’t disclose what we don’t have access to.
  • Many providers of secure messengers claim that their product encrypts the messages that users exchange. However, most of the server operators can still read the content of the messages due to the following reasons:


    • Transport encryption only: usually only the connection between the mobile device and the server is encrypted, e.g. using SSL/TLS. While this means that messages cannot be intercepted while in transit over the network (a common problem in public WiFi hotspots), they are in an unencrypted format once they reach the server.

    • End-to-end encryption without key verification by user: in this case, the provider claims that they utilize end-to-end encryption, but due to missing user interface functions, the user has no way to verify that another contact's public key really matches with the private key that is only known to that contact. Therefore, it is relatively easy for an operator to perform a MITM (man in the middle) attack by manipulating the automatic key exchange without being detected. Subsequently, they can decrypt and even forge exchanged messages.

    SafeSwiss uses state of art end-to-end encryption technology and enables users to verify the public keys of their conversation partners.

  • Yes, SafeSwiss includes its own, specific encryption based on XSalsa20 stream cipher as well as Poly1305 MAC authentication to protect stored messages, media and your private key. The key used for this encryption is generated randomly the first time you start SafeSwiss. Please note: the application protection PIN which can be enabled independently is simply a UI lock and does not cause any additional encryption.
  • All data is electronically deleted and overwritten (if self-destructed, on both the sender's and recipient's device) to eliminate any possible remaining meta information.
  • Lost SafeSwiss passwords cannot be recovered. However, you can reinstall the SafeSwiss app then set up a new SafeSwiss account (you will lose all saved messages as well as your SafeSwiss ID unless you have a backup).


    If you activate your application protection PIN, but forget the PIN, you can type in an incorrect application PIN 10 times. This will automatically lead to the SafeSwiss login screen again, then you will need to type in your SafeSwiss ID and password to access the SafeSwiss messaging app. If you also forget you SafeSwiss Password, this cannot be recovered - see above.

  • You have the option to pre-determine the self-destruction period when sending a chat message. The expiration countdown begins immediately on the recipient’s device once the message has been opened/read.

Contact us

We'd love to hear from you

For any suggestions or enquiries, DM us on Social Media, send an email or use a contact form