Cutting-edge encryption, strong mutual authentication and advanced security on the edge.
Keep your confidential communications safe with RealTyme secure collaboration suite.
RealTyme performs mutual authentication through digital signatures via the use of public key cryptography (ECDSA with SHA256/512 over the curves P-256 and P-521) between the applications and server, as well as directly between the applications.
RealTyme direct and group messages are encrypted individually in three layers: first, with end-to-end encryption between the applications (using the authenticated encryption mode of operation AES-256 CCM), followed by an application specific client to server encryption and finally a transport layer via standard TLS.
RealTyme uses the widely adapted standard WebRTC for audio and video calling. For cryptographic operations, we use the underlying mechanisms DTLS (authenticated key exchange) and sRTP (media encryption with AES-256 GCM) that are publicly available as open-source protocols.
All the data (e.g., messages, contact lists, files, call history, etc.) is stored in an encrypted way on mobile and desktop applications. The keys on the mobile devices are device-specific and can only be exported via RealTyme’s secure back-up mechanism via a specific password.
An auxiliary device has a dedicated key material, and each action (messaging, file sharing, calling) is done for each device separately. The data exchange across devices is ensured in an end-to-end encrypted way. No permanent data storage is done on the server side for data syncing.
RealTyme mobile applications are secured against reverse engineering through code hardening and obfuscation; applications are equipped with run-time protection, code integrity, and jailbreak/root detection.
Users are given numerous options in the mobile application for advanced security settings, ranging from automatic screen lock, biometric authentication, secure back-up, screenshot detection, and automatic data deletion.
Organizations can enjoy a fully isolated RealTyme instance and control the entire cryptographic keys in full autonomy. Customer specific private PKI and HSM integrations are available for governments, defense organizations and enterprises requiring the highest level of security.
All the RealTyme application data is already encrypted via the data at-rest encryption mechanism; thus, the application data can be backed up securely via standard methods. The encryption keys are secured via a user-defined back-up password and archived in a separate way via RealTyme servers.
