Intelligence FAQ — Briefing
General
SecureCall is an Android app for end-to-end encrypted voice calls. Every call is encrypted using XChaCha20-Poly1305 with X25519 key exchange and Double Ratchet forward secrecy. The cryptographic engine is written entirely in Rust for memory safety, and the complete source code is publicly available on GitHub. No accounts, no phone numbers, no personal data required.
No. Calls are encrypted end-to-end. Encryption keys are generated on your device and never sent to our servers. We are technically unable to decrypt your calls, even if compelled by a court order. Our signaling server only sees encrypted payloads and temporary connection identifiers — it cannot associate calls with real identities or read any content.
No. SecureCall generates an anonymous ID on your device. No phone number, email address, or personal information is required. You share your SecureCall ID with contacts through any channel you choose — in person, via messaging, or any other method you trust.
Not yet. SecureCall is currently Android-only (Android 10+). An iOS version is planned but not under active development. The Rust crypto engine is cross-platform, so the core security and encryption will be identical when the iOS version is built.
Transparency builds trust. By publishing our source code, we allow anyone — security researchers, journalists, privacy advocates — to verify that our encryption works as claimed. Any backdoor would be visible in the public code. We believe that security through obscurity is no security at all. You don't have to trust us; you can verify.
Privacy & Data
It depends on your tier:
Free: Optional anonymous crash reports only (opt-out in Settings). No call logs, no contacts, no analytics.
Pro: Nothing. Zero data collection. Crashlytics is disabled at the build level.
Premium: Absolutely nothing — not even your IP address, which is masked via the GhostNet relay network.
See our Privacy Policy for detailed data collection tables by tier.
Free: Optional anonymous crash reports only (opt-out in Settings). No call logs, no contacts, no analytics.
Pro: Nothing. Zero data collection. Crashlytics is disabled at the build level.
Premium: Absolutely nothing — not even your IP address, which is masked via the GhostNet relay network.
See our Privacy Policy for detailed data collection tables by tier.
Yes. SecureCall fully complies with the EU General Data Protection Regulation (GDPR) and the German Bundesdatenschutzgesetz (BDSG). Since we collect virtually no personal data, most GDPR rights — access, erasure, portability — are satisfied by default. StealthX is based in Germany and operates under German and EU privacy law.
No. We cannot provide call content because we do not have it. End-to-end encryption means only the two call participants possess the decryption keys. We cannot comply with wiretap requests because it is technically impossible for us to decrypt calls. We also do not log call metadata, so we cannot identify who called whom or when.
Security
SecureCall uses a modern, layered cryptographic stack:
Symmetric Encryption: XChaCha20-Poly1305 — 256-bit AEAD cipher with 192-bit extended nonce
Key Exchange: X25519 — Elliptic Curve Diffie-Hellman on Curve25519
Forward Secrecy: Double Ratchet protocol — per-session key derivation with ratcheting
Key Derivation: HKDF-SHA256 — HMAC-based key derivation function
Implementation: Native Rust via JNI — memory-safe, zero buffer overflows
See the Security Design page for the full architecture.
Symmetric Encryption: XChaCha20-Poly1305 — 256-bit AEAD cipher with 192-bit extended nonce
Key Exchange: X25519 — Elliptic Curve Diffie-Hellman on Curve25519
Forward Secrecy: Double Ratchet protocol — per-session key derivation with ratcheting
Key Derivation: HKDF-SHA256 — HMAC-based key derivation function
Implementation: Native Rust via JNI — memory-safe, zero buffer overflows
See the Security Design page for the full architecture.
Pro and Premium tiers include active protection against call recording attempts:
FLAG_SECURE prevents screenshots and screen recording of the call screen.
Exclusive audio focus blocks other apps from accessing the microphone.
Continuous monitoring detects screen recording apps, microphone hijacking, and known spy/surveillance applications.
Pro blocks the threat and shows an alert dialog.
Premium automatically terminates the call to ensure maximum protection.
FLAG_SECURE prevents screenshots and screen recording of the call screen.
Exclusive audio focus blocks other apps from accessing the microphone.
Continuous monitoring detects screen recording apps, microphone hijacking, and known spy/surveillance applications.
Pro blocks the threat and shows an alert dialog.
Premium automatically terminates the call to ensure maximum protection.
Rust guarantees memory safety at compile time, eliminating buffer overflows, use-after-free, and data races — the most common sources of security vulnerabilities in cryptographic code. Unlike C/C++, Rust's ownership model ensures that memory is managed correctly without a garbage collector. The Rust crypto engine is compiled to a native library (
.so) and accessed from Android via JNI, providing both safety and performance.
Yes. An internal security audit was conducted in February 2026. The audit covered the Rust crypto engine, the Android client, the signaling server, and the GhostNet transport protocol. All 7 Critical and 18 High findings were identified and fixed. The full audit report is available on the Security Audit page.
Tier Comparison
Full Feature Comparison
All tiers include end-to-end encryption. Here is a complete breakdown of what each tier provides:
| Feature | Free | Pro ($4.99/mo or $15 Lifetime) | Premium ($9.99/mo or $25 Lifetime) |
|---|---|---|---|
| E2E Encrypted Calls | ✓ | ✓ | ✓ |
| Audio Quality | Standard | HD (48kHz Opus) | HD (48kHz Opus) |
| Contacts | 10 max | Unlimited | Unlimited |
| Call Duration | 15 min max | Unlimited | Unlimited |
| Screen Capture Detection | — | ✓ | ✓ |
| Anti-Recording Protection | — | ✓ (Block) | ✓ (Auto-Terminate) |
| Spy App Detection | — | ✓ | ✓ |
| GhostNet IP Masking | — | — | ✓ |
| Multi-Hop Relay | — | — | ✓ |
| Crash Reports | Opt-out | Disabled | Disabled |
| Telemetry | Minimal | Zero | Zero |
Billing
Forever Licenses are one-time purchases that give you lifetime access to Pro or Premium — no subscription needed. Only 100 licenses are available per tier. The price starts low and increases automatically with each sale:
PRO Lifetime: Starts at $15, rises to $50 at sellout (100 licenses total)
PREMIUM Lifetime: Starts at $25, rises to $100 at sellout (100 licenses total)
Once sold out, only monthly/yearly subscriptions remain. The remaining license count and next price are shown live in the app's Upgrade screen. Early buyers get the best price.
PRO Lifetime: Starts at $15, rises to $50 at sellout (100 licenses total)
PREMIUM Lifetime: Starts at $25, rises to $100 at sellout (100 licenses total)
Once sold out, only monthly/yearly subscriptions remain. The remaining license count and next price are shown live in the app's Upgrade screen. Early buyers get the best price.
Lifetime: Pay once, own forever. Best value for long-term users. Includes all future updates. Available only while licenses last. Non-refundable.
Subscription: Pay monthly or yearly. Cancel anytime — features remain active until end of billing period. Always available, no license limits. Choose this if you want flexibility.
Subscription: Pay monthly or yearly. Cancel anytime — features remain active until end of billing period. Always available, no license limits. Choose this if you want flexibility.
To upgrade: Open SecureCall > Settings > Subscription > tap the upgrade button for your desired tier. Complete the purchase via Google Play Billing.
To cancel: Open Google Play > Subscriptions > SecureCall > Cancel. Your Pro/Premium features remain active until the end of the billing period. Lifetime purchases never expire and cannot be cancelled.
To cancel: Open Google Play > Subscriptions > SecureCall > Cancel. Your Pro/Premium features remain active until the end of the billing period. Lifetime purchases never expire and cannot be cancelled.
No. All payments are processed through Google Play Billing. We never see your credit card number, billing address, or any other payment details. Google handles the entire transaction securely. We only receive a purchase confirmation token to verify your subscription status.
Open SecureCall Settings > Delete All Data, then uninstall the app. This permanently erases all local data including encryption keys, contacts, call history, and settings. Since we don't store any data on our servers, uninstalling removes all traces of SecureCall from existence. This action is irreversible.