FAQ

Frequently Asked Questions

To better understand how our encryption protocols protect you and see all the productivity features inside ChatMail, take a stroll through our how-to tutorial videos. Plus, we have many more FAQs below to help you if you're just starting your encrypted phone discovery.
Can you download third-party apps on the ChatMail device?

No, allowing third party apps on your encrypted device compromises the entire system. Sadly, popular smartphone apps present a major data liability. The permissions you grant to app developers means you are giving away your personal information, which they don’t always store securely. Sometimes they collect and sell this data as a routine function of their business model.

It’s also impossible to track how your data is shared once you have accepted the permissions policy to use the app. The safest thing is to use a hardened device that deliberately excludes third-party apps.

When you entrust your privacy to a free app, you’ll get what you pay for.

What are the advantages of owning a private Data Center?
  • Exclusive Security Measures: Our servers maintain a 99.9% uptime track record, and are engineered with DDoS Protection Services from Radware®. Security is strengthened with additional on-site safety measures including restricted access, video surveillance, emergency power systems, fire protection, fail-safe air-conditioning, and redundant internet connections.
  • No storage: Your privacy can never be compromised as our proprietary servers are designed to not store anything beyond your username, activation date, and expiry date.
  • No roster. If we included rosters like Off-the-Record Messaging (OTR) does, we would be storing your Contacts and Group Chat members. Further, with OTR the conversation is only partially deniable, and with ChatMail you have full deniability.
  • High Availability: All applications and services are designed with high availability at the forefront. Having our own data center allows us to scale and increase our uptime without worrying about cost associated with outsourcing to third party data centers.
What is ChatMail? Is it an app? Is it a device?

Both. ChatMail's multi-layer integrated encryption application safeguards your calls, messages, voice, group chats, camera and notes. ChatMail is only offered on locked-down devices that protect against hardware exploits. Our solution comes secured on either Blackberry® UEM or our custom security focused operating system, Renati.

What makes ChatMail Special?
  • Proprietary Design: ChatMail Advanced Messaging & Parsing (CAMP) Protocol encompasses both our PGP and Elliptic Curve Cryptography.
  • Provable Encryption: We offer live data extractions to prove that messages are individually encrypted and even we cannot see them. Everyone says they’re encrypted, but how do you really know?
  • Private Data Center: ChatMail is hosted from a private state-of-the-art data center with round-the-clock security and security controls eliminating the risks associated with outsourcing to third-party data centers where maintenance, back-up protocols, and physical access are often unknown.
  • PGP External Messaging: We were the first encrypted phone solution to parse PGP for messaging. We don’t control who you talk to or lock you into a single provider, offering 4096-bit PGP encryption for external conversations.
  • Quality & Speed: No matter where you are in the world, ChatMail’s message delivery speed and call quality surpass the competition.
  • Secure against MITM attacks: ChatMail utilises a custom designed man in the middle protection that operates seamlessly in the background. Preventing your communications from becoming compromised without your knowledge.
What Mobile Device Management solution does ChatMail run on?

We offer two different types of device management solutions:

  • Android For Work (AFW) powered by BlackBerry® Unified Endpoint Management (UEM). UEM allows our partners to secure publicly available off-the-shelf devices. For extra security, we do not run the virtual server instance of UEM on their cloud. We run our own self-hosted instance, in our own private data center, to prevent unauthorized access and intrusion. BlackBerry cannot push apps to a ChatMail device.
  • Renati Mobile Device Management (RMDM) controls our custom hardened mobile operating system. Our in-house development team approaches gaps in mobile security by implementing a Zero Trust security framework. By changing how Android itself is architected we give clients the strongest security available for managed devices. RMDM uses no third-party software and is offered as an alternative to BlackBerry UEM.
Where do you backup and restore the user data when you claim serverless storage?
  • ChatMail forces you to use a strong password. Only the device associated with your backup can restore and only your password can retrieve the backup. You cannot access backups from anything other than a ChatMail device.
  • We do not use rosters. We do not use group storage. We do not store email. We do not store chat messages.
  • Contacts are sharded across databases and only the user of the device associated with the backup can access them. They are also encrypted by you and only you.
  • If your device is lost, wiped or stolen, you will lose everything if you don't optionally back up your notes or contacts.
Where is your Data Center located?

Our state-of-the-art data center is located at our high-tech Myntex headquarters in Calgary, Alberta, Canada. Canadian laws support human rights, privacy, encryption, and due process.

Who are ChatMail Clients?

Our clients are privacy-cautious individuals and enterprises from virtually any vertical, located around world. The fact is that no person, and no firm, big or small, is immune to hacks.

From an individual perceptive, hackers often look for attractive targets such as politicians, media, influencers, and affluent individuals. ChatMail is supremely suited for professional services firms designed to protect and secure the interests of their stakeholders as well as project-management companies with remote teams requiring secure group collaboration. Data protection is a non-negotiable priority that for many companies is becoming increasingly required at the mobile level.

Who owns ChatMail?

ChatMail is a custom engineered encrypted mobile communications solution, owned and operated by Myntex Inc., with headquarters in Calgary, Alberta, Canada. Myntex was co-founded in 2010 by Geoff Green, Chief Executive Officer and Chantel Duplantie, Chief Operating Officer. Green is a firm believer that everyone has the right to privacy, and he envisions a future in which technology empowers the masses through secure mobile solutions. Myntex has ensured the privacy of over 40,000 customers’— keeping its client’s mobile communications safe from security risks.

Are undelivered messages stored on the device, in RAM or on a server? If the message is never delivered, how long does it stay in existence?

This is a very common question. Servers either virtual or bare-metal both use RAM and a some type of storage device such as a solid state drive. When companies talk about not using server storage, they are normally referring to not saving private data to disk and keeping everything in memory to facilitate fast communication. A message is a message, an undelivered message is no different than a regular message. To describe it a different way. When you send a message you send it and basically forget it. The server will look for an open push tunnel to the intended recipient and forward the message. If the user is offline, it will sit in RAM until the server is restarted or the queue expires.

Can I communicate with other companies that offer PGP encryption?

Yes. We know how important it is to be able to talk to people on other encrypted networks.

If the other provider has followed the proper implementation guidelines, you will be able to communicate with them. Please note, if you receive a red “Message could not be decrypted” error it may mean the other company is sending unencrypted messages. By design ChatMail will not allow you to read or reply to unencrypted messages.

Could you decrypt my messages, for example if you were required to by law enforcement?

No, the keys used to decrypt messages are stored only on the user device. We have no access to a users’ device making decryption or altering a message in transit impossible.

Does ChatMail offer PGP?

Yes, and we’ve improved it. Our CAMP Protocol automatically removes any previous replies from the chain and only includes the last relevant message for context.

  • Our parsing algorithm makes PGP email look like a chat message.
  • We strip out all unnecessary information to prevent leaking metadata.
  • Companies that claim to delete messages older than 24 hours do not delete message threads and they often contain weeks’ worth of confidential communication.
  • With our custom designed PGP relay system, the message will be in memory queue for up to 3 days.

PGP encryption is optional, as a user you can choose to disable PGP and only allow internal ChatMail communication.

How do ChatMail's encryption keys work?

Your cryptographic keys are generated by you, and only you have access to your data.

You can generate new keys with the click of a button. Each message session with each contact is encrypted with a different set of keys. If any key is ever compromised, it will never result in the decryption of previously transmitted or future messages.

Key cache has been designed so every 24 hours public keys are automatically fetched to make sure you never have an old public key. Individual key lookups can be updated manually in a matter of seconds.

How does end to end or p2p encryption work if nothing is stored on servers?

All communication systems must use servers. Servers facilitate push messaging protocols, so each message knows where to go. When we talk about storage there is different types of storage. Traditional storage methods would be hard drive and solid-state drives. An alternative approach is to use in memory storage which prevents physical storage on the server. Mind you in either method they are encrypted which means they would need the private key from your phone. But still bad practice to use physical storage.

What you should use is memory storage like Redis or Erlang. Using in memory (RAM) on the server allows for fast queuing, extreme performance, and easy protection. If a server is taken the power is cycled and the queue is gone instantly.

What are ChatMail’s encryption protocols?

ChatMail provides an integrated end-to-end encrypted messaging protocol. Inspired by the world's leading cryptographers, instant messages are encrypted with ChatMail Advanced Messaging and Parsing Protocol (CAMP), which is unique to ChatMail and encompasses both our PGP and Elliptic Curve Cryptography (ECC). ECC encryption has been the cutting-edge form of cryptography for decades and remains so to this day.

ChatMail key exchange utilizes the Double Ratchet Algorithm which combines the cryptographic ratchet based on the Diffie-Hellman key exchange and a ratchet based on the key derivation function.

Is GPS disabled on ChatMail?

Yes, GPS is disabled on both UEM and Renati. UEM is configured to use mock location data so if it's ever requested it is fake. Renati goes further and completely disables all Location Services code from the System Location UI, Fused Location, Hardware Abstraction Layer and GPS module. Learn more about Renati.

What are “Rolling Keys”?

When referring to end-to-end encryption Rolling Keys is just another marketing term that has no significance. Your cryptographic keys are not “rolled”. Try searching for, “rolling keys elliptical curve cryptography” and see what you find. If this is an industry standard, we should see references all over the internet.

The correct terminology is Key Ratcheting popularized by the Double Ratchet Algorithm which is employed by most modern end-to-end encrypted communication solutions.

What is the difference between public and private PGP keys?

When you communicate with another encrypted email, your device will automatically download the email recipient’s public key from their organization’s public key server. It is the public key that is used to encrypt the email so that it can only be decrypted by the recipient's private key.

A private key is your unique key used to decrypt and sign your private email messages. No one has access to your private key except you.

Do you have a user manual?

ChatMail's Quick Start Guide cover - a secure bank vault. Yes. We love making our customer journey as smooth as possible, and our user manual is an integral part of our product experience. Our manual provides easy instructions for device set up, tips and shortcuts, troubleshooting and how to details for every feature, assuring that you can get the most out of your ChatMail experience.

Are messages stored in encrypted form on my device?

Yes, every single message is encrypted. When you go into a conversation and scroll up fast, you’ll be able to see each message decrypting. See it for yourself in our tutorial.

Can I use ChatMail on multiple devices simultaneously?

No, you cannot. Certain protocols such as OMEMO allow this, which could allow a third party without your knowledge to view your conversations in real time.

Do you offer Group Chats?

ChatMail’s custom designed group conversation technology allows for both group chat and anonymous group chat. Groups are not stored on servers. Therefore, after you create a group, you cannot change the properties of it since servers don't play a role. If a user is offline it is handled in a RAM queue like a normal message.

  • You can select whether members are allowed to send voice, pictures, and contacts.
  • You can set the group to expire after a certain period and optionally set a mandatory message expiry. It will destroy with whatever you have set between 1-7 days in your profile settings.
  • Every user is assigned a randomly generated name that cannot be cross referenced between devices. Only the owner can see who the user is, and everyone can see the owner.
  • Everything we build is designed for our user’s privacy - we don’t want to store anything. Typical companies that have groups use the standard XEP functionality which store your groups on a server. This is a bad idea since it includes all members inside the group and all messages.
How can I verify each message is encrypted?

When you open a conversation screen you will notice every message says decrypting.

You can also click on the three dots or three diamonds next to the message to confirm the three-check mark verification. By design ChatMail will not allow you to send or receive unencrypted messages.

Is there a way to mask your ID or rename your nickname on the device?

Your reseller can create a new name for you, but you would need to reinstall your device and ChatMail. You do not need to mask your name as its your identity which is used to protect you from man in the middle attacks.

Your identity (example@chatmail.ch) is used when you send someone a chat message to make sure it came form you and was never intercepted or retransmitted.

My keyboard looks different, why?

Something as simple as spell check can put you at risk. Using a standard Android keyboard even on an encrypted device means every time you utilize spell check your words are being sent to Googles servers to check for spelling mistakes, performance metrics, and even store what you type.

In addition to building ChatMail’s custom Private Keyboard, we will also be building our own spell check for your convenience.

What are all the features of ChatMail?

Simplicity is our keystone. With ChatMail, you no longer need to switch between applications because everything you need is in one secure containerized environment. With one-touch access, you gain the benefits of the following features:

Encrypted Features Multi-layered Security Special Features
  • Encrypted Voice Messages
  • Encrypted Notes
  • Encrypted Pictures
  • Encrypted Calling
  • Group Chat
  • Anonymous Group Chat
  • Share Images & Notes
  • ECC Chat
  • PGP Email - Displayed as chat message
  • CMGuard
  • Private Data Center
  • No 3rd Party applications
  • Multi Password Protection
  • Guaranteed Anonymity
  • Incognito Mode
  • Remote Wipe & Anti-Theft Protection
  • Duress Password
  • Private and International Network
  • Brute Force Protection
  • Custom Camera
  • Self-Destructing Messages
  • Favorite Messages
  • Urgent Messages
  • Encrypted note sharing
  • Dark & Light UI
  • Encrypted Device & Storage
  • Stable connection (99.99% uptime)
  • International SIM with 150+ Countries included
  • One-touch Access
  • Private Keyboard
What happens if I enter my password incorrectly ten times?

Your ChatMail device will automatically perform a security wipe and you will lose all the information that was stored on the device. We strongly suggest doing regular encrypted backups of your notes and contacts.

What happens if I forget my password to my device or ChatMail?

If you forgot your password, you would need to contact your ChatMail representative and request a full reset. By preforming a full reset, you will lose all the information that was stored on the device including your contacts and notes.

What happens if I forgot my password for my encrypted backups?

If you forgot your password the data would be unrecoverable. On your next backup the old data would be overwritten.

What happens if I lose reception? Will my messages still delete?

Yes, even without reception your messages will still self-destruct.

ChatMail manages everything itself and does not rely on syncing.

What happens if I lose, or someone steals my phone? Is there a way to remotely delete my phone?

Yes. You can contact your ChatMail representative at any time and they will issue a full security wipe.

If your phone no longer has a data connection, a remote wipe will not work. But because ChatMail doesn’t rely on syncing your device will automatically delete your messages based on your “Message Time Until Deleted” even if your phone has been turned off.

What Languages do you offer?

ChatMail is translated by the people that use it every day. We offer English, French, Spanish, Dutch, Swedish, Serbian Cyrillic, Albanian, Russian, Portuguese, Polish, Japanese, Italian and German.

Why can’t I copy and paste?

Cold Chip-off is an exploit that in theory allows you to access the RAM from a mobile device, when you copy a message before its encrypted it could be stored in RAM indefinitely until it’s overwritten at random. Therefore, we do not allow copy and paste.

Here are some safer ways to forward a message:

  1. Hold down on the message and “Save to Notebook” you can then edit the content and hit “send”.
  2. Hold down on the message and hit “Forward Message”
Why can’t I recall/revoke a message?

Recall/revoke can only happen if messages are stored on the server. We do not store messages on our servers therefore we cannot offer this feature.

Do you offer changing IMEI’s?

No, as this practice does not provide any security benefits.

When you change an IMEI—which is also known as “flashing”—you need to make sure you change your SIM card before you register again to a network. Otherwise, the telecom carrier will have logged your new IMEI with your old IMSI, which defeats the purpose of flashing your IMEI. For true security you would need to turn off all connections, change your SIM card and flash your IMEI before connecting to a wireless network provider which is illegal in many jurisdictions.

Visit our IMEI blog for more details.

Do you use a VPN?

ChatMail has a custom designed secure networking engine. We don’t rely on the Operating System to protect our users and we do not use a third-party VPN; we created our own. You should not rely on VPNs to protect you, you should be using encryption and not relying on IPsec.

What about battery life?

ChatMail has the best battery life in the industry, thanks to our custom designed push service. (We do not use Firebase as that could compromise your data) On the Mi A2 Lite as an example you can get a week before having to charge depending on usage.

What hardened devices is ChatMail supported on?

ChatMail on Blackberry® UEM

  • Google Pixel Line
  • Galaxy Z - Flip, Flip 3, Fold 2, Fold 3
  • Galaxy Note 10, 10 5G, 10+, 10+ 5G, 20 5G, 20 Ultra 5G
  • Galaxy J3, J4, J4+, J4 Core, J5, J5 Pro, J5 Prime, J6, J6+, J7 (Android 8+)
  • Galaxy S8, S8+, S8 Active, S9, S9+, S10, S10+, S10e, S10 Lite, S20, S20+, S20 Ultra, S21 Ultra, S22, S22+, S22 Ultra
  • Galaxy A01, A02s, A03s, A10, A10s, A10e, A11, A12, A20, A20s, A20e, A21, A21s, A22,A30, A30s, A31, A40, A40s, A41, A50, A50s, A51, A52, A60, A70, A70s

ChatMail on Renati is currently offered on select Pixel devices: Pixel 3a, Pixel 3a XL, Pixel 4 XL, Pixel 4a, Pixel 6, Pixel 6a, Pixel 6 Pro, Pixel 7a. Pixel 7 and Pixel 7 Pro are under development.

We continually test new devices for battery life, speed, and reliability. If suitable we add them to our supported device models.

What is CMGuard?

CMGuard is a special loop back VPN that we use to disable API calls to Google on Xiaomi and Blackberry devices.

What is your SIM card coverage and protocols?

Every ChatMail subscription comes with our International data only SIM card that works in 150+ countries. Alternatively, ChatMail can be used over WiFi or you can use your own local SIM card.

What to do if the connection is slow or drops frequently?

A slow connection may occur if:

  1. Your Wi-Fi is weak
  2. Your area has a network outage
  3. You are outside ChatMail’s SIM card coverage.
How can I become a ChatMail Partner?

We’re always looking for experienced partners to join our growing community of ChatMail certified Executive Partners, Distributors and Retailers around the world. Please visit our Become a Partner page to learn more, and fill out our Partner Discovery Application so we can learn more about you, your business and the clients you cater to.

Please visit some of our Global Partner websites:

Where can I buy ChatMail?

ChatMail is available for purchase through our global authorized reseller network. Start your purchase inquiry by visiting our Contact us page and selecting your country. This will gain you access to the MSRP Guide for your region, retailer websites (if available for your region), or fill out the form to request a demo or ask us a question.

Why isn’t ChatMail free of charge?

ChatMail is engineered by our team of in-house software development experts, and offers multi-layer encryption, a feature-rich interface, unparalleled security, and luxurious design. ChatMail’s developers are constantly innovating and creating new user-friendly features while ensuring the maintenance of our private server infrastructure. As such, the price covers these costs.

Most free apps sell your personal data to third parties. If you don’t pay for a service, you end up paying with your data instead. ChatMail is designed to limit all sensitive data, only storing your username, activation, and expiry date. We are in the security and privacy business, not data collection.

How do I get ChatMail updates?

You will be informed that you have an update pending from your device. Click “update”. Update’s take less than a minute.

How to contact our support team?

For technical assistance, please contact the reseller you purchased from. If you cannot find an answer to your question in the FAQs, please contact us at info@chatmail.ca.

For all other inquiries, please start by visiting our contact us page and selecting your country.

Are there countries you don't service?

While we endeavour to make ChatMail available worldwide, due to the encryption policies of specific countries, we don't serve the following:

Afghanistan
Belarus
Burma
Cameroon
Central African Republic
Chad
China
Crimea
Cuba
Democratic Republic of the Congo
East Timor
Equatorial Guinea
Haiti
Iran
Iraq
Ivory Coast
Lebanon
Libya
Myanmar
Nicaragua
North Korea
Russia
Somalia
Sri Lanka
Sudan
Syria
Ukraine
Venezuela
Yemen
Zimbabwe