Zero-knowledge Encryption Explained
Privacy is at the heart of why we created Twasme. Zero-knowledge encryption means that nobody can access the information, documents and images you store in the Twasme app. Not even the Twasme team.
The Key to Data Protection
Other service providers and app developers may do their best to ensure your data is “secure” from outsiders, however, they do not provide complete zero-knowledge encryption – for reasons that reflect their own interest in your data.
Zero-knowledge encryption is the ultimate block to hackers, tech giants, and government agencies alike. It’s no wonder experts declare zero-knowledge encryption as essential for online privacy – ensuring that only you and those that you choose to share your keys with can unlock your data.
All the information, documents and images you add to Twasme will be stored directly on your device, allowing you (and only you) to access it at all times; even in flight-mode or in areas with no WiFi or network signal.
When you create a free account the Twasme app will use a well-known, highly trusted algorithm (AES-256) to encrypt and backup your data on our secure servers. In the event that you lose or damage your device, you will be able to recover everything to your new device.
When you choose to share a topic with someone, you will send an encryption key to them. Sync services will then separately send a copy of your encrypted data to their device.
The data is unlocked by the encryption key and proceeds to keep each copy of the data synced. The electronic key chain used to protect your data is never sent to or stored on our servers, ensuring we can never have access to your data.
Zero-knowledge encryption requires that there be a ‘Master Key’ that only you know. It is never shared. If you enable backup or sharing services, Twasme will ask you to set and keep a record of your Master Key.
To ensure total data protection, once a Master Key has been set Twasme will default to the highest level of security. This makes it impossible to offer a reset process for a forgotten password or master key.
In summary, the price of totally secure data is that if you forget your password or Master Key then you lose access to your data. Nobody can grant you access again, because nobody has Master Key access but you.
The Key Recovery Option
If you feel the need to have a password reset function is essential, Twasme does offer the option for you to activate this.
We have partnered with Amazon’s secure ‘AWS Cognito’ service to provide users with the option to have their Master Key stored. This will allow users who forget their Master Key to have a password recovery sent to them by either email or text message.
If you enable this option, it will always be possible to request a recovery email or text allowing a password reset that includes recovery of your master key.
Whether you choose to enable this option, or to personally keep a record of your Master Key is entirely up to you.