Sicher

Sicher
Developer(s) SHAPE GmbH
Initial release June 2014 (2014-06)
Development status Active
Operating system iOS, Android, Windows Phone
Type Instant Messaging
License freeware
Website www.shape.ag/en/

Sicher (German language word meaning "safe", "secure" or "certain") is a freeware instant messaging application for iOS, Android, and Windows Phone. Sicher allows users to exchange end-to-end encrypted text messages, media files and documents in both private and group chats. Sicher is developed by SHAPE GmbH, German company which pioneered mobile messaging with IM+ multi-messenger app it has been offering since 2002.[1]

Security

Sicher uses asymmetric point-to-point RSA cryptosystem with 2048 bit long key.[2] All data exchange between mobile apps and Sicher servers is protected using SSL. Company claims that encrypted messages are deleted from servers as soon as they have been delivered to recipient.[3] Lifetime of encrypted data (pictures, voice messages, files) is defined by message self-destruction timer value which has a maximum of 14 days, however the chat participant may choose to manually purge messages. On mobile devices all messages, received files and metadata are encrypted before saving them to internal storage, where application passcode is used as a key to symmetric encryption.

Privacy

Sicher uses phone number for user authentication due to phone number being a unique identifier that can be easily confirmed and an efficient anti-spam measure. User’s address book is used for discovery of Sicher contacts, however address book data is not stored on Sicher servers. User may choose to receive anonymous notifications about new messages, which means that notification on lock screen will not display content of incoming message, including sender’s name.[4]

Controversy

Because Sicher is a closed source proprietary application, it is not possible to verify whether the claimed encryption standards are properly used and well implemented. Furthermore, it can not be verified if the servers are free of intentional or accidental security flaws.

See also

References

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.