Chats end-to-end encrypted by

Multi-layered security

Starting with BlackBerry end-to-end encrypted chats, Rolo has additional layers of security that protect your devices and communications.

Secured with BlackBerry

Initially famous for their secure smartphones, BlackBerry has evolved into a company specializing in securing mission-critical data for governments, banks, and global enterprises worldwide and has protected more than 100 million users with 1 billion daily messages globally.

Rolo brings BlackBerry technology into its message end-to-end encryption and cloud storage.

Understanding encryption

"Message Encryption" is the process of using an encryption key to transform a readable text such as "here is my bank account number" into an encrypted one such as "!@#$%@$%^)^&*%", which is unreadable.

Without the encryption key, no one can decipher the encrypted message, thus keeping your readable texts, files, and pictures private.

The devil is in the details

Being simply "Encrypted" or "Encrypted in transit and/or at rest" is not the same as being "End-to-end encrypted".

"Encrypted in transit" means that the line between you and your service provider is encrypted. In this case, the encryption keys are shared between both parties.

  • Advantages: The line is secured. Without the encryption keys, external parties listening to that line cannot understand what is shared between you and your service provider.
  • Drawbacks: This secures the line only and not where the messages are stored. This is not enough to keep your messages private.

"Encrypted at rest" means that your service provider encrypts the database where it stores your messages.

  • Advantages: Unwanted parties accessing that database without the encryption key cannot view any messages, pictures or files stored in it (remember "!@#$%@$%^)^&*%"?)
  • Drawbacks: This is better than not encrypting the database at all. However, your service provider has access to the encryption key and you entrust it (and their staff) with not looking at your private messages, files and pictures. This is not enough to keep your messages private.

"End-to-end encrypted (E2EE)" means that encryption/decryption of your messages happens only on the devices belonging to you and your messages' recipients, while only you and your recipients have access to the encryption keys.

  • Advantages: This is the best way to keep your message private and confidential. This prevents anyone from listening to your line or accessing your service provider database to know the content of your messages.
  • Drawbacks: None for you as a user.

In our case, neither Rolo nor BlackBerry have access to your chats' encryption keys. This means that even though the encrypted messages transit through the internet and are stored in our cloud, nobody but you and your recipients can read them.

This additional level of security means that if you and the recipients maintain strict control and secure practices over the devices that send and receive messages, your private conversations can stay private FOREVER.

What BlackBerry chat encryption does

1

Messages are digitally signed, so that you're sure who sent each message.

2

Messages are End-to-End Encrypted (E2EE), so you know that only the intended recipients can read the message.

3

Messages are subjected to integrity signature checks, so that the message can't be modified in transit.

With BlackBerry technology, messages sent on Rolo are protected from being viewed and modified by anyone other than the sender and intended recipients.

Technical details

Rolo's integration of BlackBerry secure communications technologies enables us to meet the rigorous security demands of the most regulated organizations and industries, with standards and certifications such as:

  • FIPS 140-2 validated cryptographic library;
  • NIST Suite B Cryptography for signing, encrypting and hashing;
  • Digital Signature Standard FIPS 186-4;
  • Secure Hash Standard FIPS 180-4;
  • AES Standard FIPS 197;
  • HMAC Standard FIPS 198-1; and
  • Cryptographic Key Generation NIST SP 800-133.

In addition to following security best practices, Rolo adheres to OWASP Mobile Application Security Verification Standard (MASVS) Level 1, and we will undergo an external security audit in 2021.

Additional security layers

In addition to end-to-end encrypted chats, we have added the following security features to protect you and your devices:

  • Malicious URL detection minimizes phishing and malware by scanning every URL you receive and send for potentially malicious sites, and warns users should any such URLs be detected.
  • Rooted/Jailbroken device detection prevents the Rolo app from running on a device with a modified operating system, therefore minimizing the chances that your communications become compromized.