mSecure’s Security Model - Secure by design
A good security system should be an open book. That is, as a security provider, we should be able to provide anyone with the details of how we store and encrypt our user’s data, and that should have no effect on the system's security. If information stored on our server would somehow allow us to access your data, someone would eventually figure out how it was engineered, enabling them to gain access to your data as well. Instead, we architected the system so even we, the creators of mSecure, have no way to access your data.
Main points of interest
- Encrypted from End to End: Every time you use mSecure, your data is encrypted before a single byte ever leaves your devices. Your encryption keys are protected by your Account Password, so only you have the keys to unlock your secrets.
- Protection: Our security recipe starts with AES-256 bit encryption and uses multiple techniques to protect your data at rest and in transit.
- Account Password: Not just the password you use to unlock the app, it also plays a key role in encryption. Only you know your Account Password.
- Account Key: Also a star player in key derivation, this random 46 character key is generated locally on your device. Only you have access to your Account Key.
- TLS encryption: All communication is handled with TLS/SSL encryption.
- Account Key, a form of Two Factor: Security professionals recommend using multiple authentication factors: “something you know”, like your password, and “something you have”, like an authenticator app on your phone. The Account Key takes this idea to the next level. It doesn’t just authenticate you with our servers; it also plays a direct role in encrypting your data. That’s important, because it strengthens your Account Password exponentially. And since it never gets sent to us, your Account Key can’t be reset, intercepted, or evaded.
Many people are often concerned (and rightly so) that if big companies have security breaches, how can mSeven Software be any different. The fact is, the problem we are solving is very different than the problem other typical websites face. Most websites need to have access to the information in your account. For example, when you make a purchase with an online retailer, they need to know your credit card information in order to charge you. When you use your bank, they need to know how much money you have in your accounts and what transactions you’ve made.
With mSecure, we don’t ever need to have access to your information. Instead, we just need to store it away for you and provide you with the secure means to retrieve it. The way our account system works is when you sign up for an account, we generate an extremely secure password on your behalf locally on the device. We call this password an account key. This password is 46 characters in length and includes both letters and symbols. This account key is the encryption key needed to access your information.
Password length and entropy
Let’s talk about what a password with a length of 46 characters means. If a hacker were to somehow get a hold of our cloud database, and, for the sake of this example, they had access to a million dollar computer system that can process 360 billion different passwords a second, it would take approximately 1.5 * 10^49 years to get through all of the password combinations for one account. That is, it would take 150,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 years. To put this into a bit of perspective, it’s generally accepted that the universe is 13,800,000,000 years old. However, the super computer would not need to go through all of the possible password combinations. On average, it would find any given password in half that time. It might find your password a bit sooner or a bit later, but the odds of it finding your password within the next billion years is extremely low, and you’d have to be pretty unlucky for even that to happen.
So how does the system work then? As mentioned, when you first sign up for an account or sign in to an account for the first time, the mSecure app on your device generates a super secure password mentioned above that we call an “Account Key.” mSecure will then take a known piece of text (it doesn’t really matter what the text is, but it happens to be a copyright notice) and encrypt it with your account key. That encrypted text is then stored in your mSecure account on our system.
To be clear, this is not the account key itself; it’s a known piece of text that has been encrypted with the account key. We then encrypt the account key with your account password – the password you use to unlock the app – and store it in the mSecure database locally on your device. Next, we send you an “IMPORTANT: mSecure Account QR Code” or “mSecure Authentication” email that contains your encrypted account key, which is required to authenticate you as the owner of your account. The encrypted account key is displayed in the form of a QR code image and in text form in the email.
Once signed in, when you unlock mSecure on your device, mSecure reads the encrypted account key out of your local database and decrypts the account key with your account password. This is why you don’t need to use the QR code each time you launch mSecure.
When you want to install and use mSecure on a new device, we require you to sign in with your email and account password then ask you for the QR code (if one of the automated authentication options does not work or is not set up). mSecure reads in the encrypted account key from the QR code or encrypted account key text available in the email, decrypts the data in the QR code or encrypted account key text with your account password then downloads the known piece of text mentioned earlier from your mSecure account. Once the known piece of text is downloaded, mSecure attempts to decrypt the known piece of text with the account key, and, if the decryption is successful, mSecure authenticates you as the owner of the account locally on your device.
After authentication, mSecure syncs in your data that is also encrypted with your account key using your sync method of choice (additional sync setup might be required). After your information is synced in, your data can finally be decrypted with your account key. Again, all of the data encryption and decryption takes place locally on your device(s).
To be sure, keeping your data secure is a complex process, but the most important point is this: Your information is never in a readable/decrypted state outside of the mSecure app running locally on your device.
Did you find it helpful? Yes No