1. End-to-End Encryption

CallX employs state-of-the-art end-to-end encryption for all communications:

• Signal Protocol: Our messages are secured using the industry-standard Signal Protocol, ensuring that only intended recipients can read your messages.
• Perfect Forward Secrecy: Every message uses a unique encryption key, so even if one key is compromised, past and future messages remain secure.
• Encrypted Media: All images, videos, and voice messages are also end-to-end encrypted before they leave your device.

2. Secure Authentication

CallX provides multiple methods to verify your identity and protect your account:

• Two-Factor Authentication (2FA): Add an extra layer of security with 2FA, requiring both your password and a verification code.
• QR Code Authentication: Securely log in to the desktop application by scanning a QR code with your mobile device.
• Recovery Phrases: Generate a unique recovery phrase to restore access to your account if you lose your device.
• Biometric Security: Use fingerprint or facial recognition to access the app on supported devices.

3. Data Security

We protect your data at rest and in transit with these security measures:

• Secure Data Centers: All CallX servers are hosted in secure, SOC 2 certified data centers with physical and electronic security controls.
• Transport Layer Security: All connections to CallX servers use TLS 1.3 to protect data in transit.
• Local Encryption: Data stored on your device is encrypted using platform-specific encryption technologies.
• Minimal Data Retention: We store only the data necessary to provide our services and automatically delete unnecessary data.

4. Privacy Controls

CallX puts you in control of your privacy:

• Message Expiration: Set messages to automatically delete after a specified time.
• Screen Security: Prevent screenshots and screen recordings in the app.
• Disappearing Messages: Send messages that automatically delete after they've been viewed.
• Remote Device Management: View and log out from any active sessions on other devices.

5. Verified Communications

Ensure you're communicating with the right person:

• Safety Numbers: Verify the identity of contacts by comparing unique safety numbers.
• Verified Profiles: Official accounts and businesses are verified with a badge to prevent impersonation.
• Secure Calls: Voice and video calls are secured with end-to-end encryption and show a security indicator.

6. Security Audits

We regularly validate our security practices through:

• Independent Security Audits: Our security practices and code are regularly reviewed by independent security firms.
• Bug Bounty Program: We maintain an active bug bounty program to encourage responsible disclosure of security vulnerabilities.
• Open Source Components: Many of our security components are open source, allowing for public code review.

7. Report Security Issues

If you discover a security vulnerability in CallX, please report it to us through our Contact page. We take all security reports seriously and will respond promptly.