SecureSocial Identity

Due to current geo-political atmosphere, is no longer available to new customers

The concept of user Identity is central to SecureSocial. Each Identity consists of a secure cryptographic key pair (private and public keys) and a unique 6 character string - an identity ID. Public key and identity ID are stored by SecureSocial service and are used to identify each user. Public key is made available to other users of the service so they can encrypt messages addressed to this user. At no time private key is used by the service, it remains client-side and used by service clients to sign and decrypt messages.

See this Wikipedia article for good introduction of public key cryptography.

When new SecureSocial Identity is created, public key gets uploaded to service and is assigned new Identity ID. SecureSocial Android App can create new key pair for you or you can upload your own keys. SecureSocial keys are compatible with standard GPG / PGP keys, in fact they are standard PGP keys.

If you use your own keys, this adds one additional layer of protection because you really don't even have to trust SecureSocial itself.

SecureSocial employs concepts of Trust No One and Pre-Internet Encryption. Unlike other public networks, we do not spy on the content created and exchanged by our users. The downside of that is that we rely on people buying our user tokens to keep our service running.

A user can optionally specify a free-form name that is visible to all other users on SecureSocial network.

SecureSocial Messaging

All SecureSocial Identities are capable of sending messages to each other. The sending Identity is expected to sign the message with its private key. Service then can verify that Message is authentic.

Messages directed to particular user get added to his/her user queue. User can accept messages from particular sender, ignore them or block the sender completely. SecureSocial platform does not look at the content of the messages other than verifying their authenticity.

Messages from accepted Senders get added to the Timeline of the recipient. Timeline is date-organized structure in the cloud. A User can retrieve and manipulate messages from his/her timeline.

SecureSocial App adds to this by treating each message as an opaque envelope. Each envelope is encrypted using AES and random, one-time-use message key. Message key is then separately encrypted with public key of of each recipient and added to the message. API page shows an example of how this looks like. When message is received, recipient uses his/her private key to decrypt the message key then uses message key to decrypt the envelope.

Messages can be sent to multiple recipients in one go. SecureSocial App maintains lists of users and groups of users on the SecureSocial network that you can customize.

Messages may include optional attachments. SecureSocial App allows sending any document from your device (including photos and videos) as attachment. Attachment is encrypted with separate AES key.

SecureSocial Tokens

SecureSocial service is NOT financed by ads or by collecting private information from its users. Our sole source of funding is proceeds from selling SecureSocial tokens. Tokens can be used on SecureSocial devices (such as Android phones and tablets running SecureSocial App).

Traffic originated from devices with a token takes priority over "free" traffic. We make best effort to deliver messages that are not associated with valid token, but such requests may time out or be rejected, especially at peak times.

You can associate one token with multiple devices. Tokens are sold for certain amounts of traffic, starting with $4 for one GB.