Fault Diagnosis & Troubleshooting
App Won't Install
If the SecureCall APK fails to install on your device, check the following:
- Storage space: Ensure you have at least 50 MB of free storage. Go to Settings → Storage to verify.
- Unknown sources: If installing via APK (not Google Play), you must enable "Install from unknown sources" for the app you are using to open the APK (e.g., your file manager or browser). Navigate to Settings → Apps → Special access → Install unknown apps.
- Android version: SecureCall requires Android 10 (API 29) or higher. Older devices are not supported.
- Conflicting installation: If a previous version is already installed with a different signing key, uninstall the old version first, then try again.
- Restart device: In rare cases, a device restart resolves installation failures caused by stale package manager state.
Microphone Permission Denied
SecureCall requires microphone access to function. If you denied the permission during initial setup or it was revoked:
- Go to Settings → Apps → SecureCall → Permissions → Microphone → Allow
- On some Samsung devices, the path may be Settings → Apps → SecureCall → Permissions → Microphone → "Allow only while using the app"
- If the permission toggle is greyed out, check whether a Device Administration policy or parental control is blocking microphone access
- Restart SecureCall after granting the permission
Can't Connect to Server
If SecureCall shows a connection error or fails to register with the signaling server:
- Check internet connectivity: Verify that WiFi or mobile data is active and working (try loading a webpage in your browser)
- Switch networks: Try switching between WiFi and mobile data. Some corporate or public WiFi networks block WebSocket connections on non-standard ports.
- Wait and retry: The signaling server runs on Railway's free tier and may experience cold starts (5–10 second delay on first request after idle periods). Wait a few seconds and try again.
- Force stop and restart: Go to Settings → Apps → SecureCall → Force Stop, then reopen the app. This clears any stale WebSocket connection state.
- Check server status: The server may be temporarily down for maintenance. You can check status by visiting the GitHub repository for any announcements.
No Audio During Call
If a call connects but you cannot hear the other party (or they cannot hear you):
- Microphone permission: Confirm the microphone permission is granted (see above)
- Volume level: Press the volume up button during the call. Make sure the media/call volume is not muted.
- Headset or Bluetooth: If a headset or Bluetooth audio device is connected, audio may be routing to that device. Try disconnecting external audio devices.
- Other apps using microphone: Close any other app that might be using the microphone (voice recorders, other VoIP apps, video conferencing apps). Only one app can hold the microphone at a time.
- Do Not Disturb mode: On some devices, DND mode can suppress call audio. Disable DND and try again.
Call Drops Frequently
If calls connect but disconnect after a short time:
- Network stability: Voice calls require a stable connection. If you are on mobile data with weak signal, calls may drop. Move to an area with better coverage or switch to WiFi.
- Free tier limit: The free tier has a 15-minute call duration limit. Calls are automatically terminated when this limit is reached. Upgrade to Pro for unlimited calls.
- Battery optimization: Android may kill background processes to save battery. Go to Settings → Apps → SecureCall → Battery → "Don't optimize" (or "Unrestricted") to prevent this.
- Background service: Ensure the "Background Service" toggle is enabled in SecureCall's Settings. This keeps the WebSocket connection alive via a foreground service notification.
- NAT timeout: Some routers aggressively time out UDP connections. The app's keepalive pings (every 8 seconds) should prevent this, but extremely restrictive networks may still cause issues.
Echo or Feedback
If you hear your own voice echoed back during a call:
- Use headphones: Echo is most commonly caused by the other party's speaker audio being picked up by their microphone. Ask both parties to use headphones or earbuds.
- Lower speaker volume: Reducing the speaker volume on the device experiencing echo can eliminate the feedback loop.
- AEC processing: SecureCall includes Acoustic Echo Cancellation (AEC), but its effectiveness varies by device. If echo persists, switching to headphones is the most reliable fix.
Current Constraints
The following are known limitations of the current SecureCall release. These are either by design (tier restrictions) or planned for future versions.
| Limitation | Description | Status |
|---|---|---|
| Android only | No iOS or desktop client available | Planned for v1.0+ |
| No group calls | Only 1:1 voice calls are supported | Planned for v0.3 |
| No messaging | Voice calls only — no text, image, or file messaging | Planned for v1.0+ |
| 15-minute limit (Free) | Free tier has a maximum call duration of 15 minutes | By design |
| 10 contacts (Free) | Free tier is limited to 10 saved contacts | By design |
| Cold starts (Railway) | Signaling server hosted on Railway free tier may have 5–10 second cold start delays | Expected on free tier |
Security Audit Status
An internal security audit was conducted on February 15, 2026, covering all three components of the SecureCall platform (Android client, Rust crypto engine, backend server). The audit identified a total of 48 findings across three severity levels.
| Severity | Android Client | Rust Crypto | Backend Server | Total |
|---|---|---|---|---|
| Critical | 4 | 1 | 2 | 7 |
| High | 6 | 3 | 9 | 18 |
| Medium | 8 | 5 | 10 | 23 |
All 7 Critical findings have been fixed. These included crypto stubs that were passing plaintext, a silent plaintext fallback mode, fake key exchange implementations, and hardcoded development endpoints. All critical vulnerabilities were addressed before the current release.
All 18 High findings have been fixed. Remediations include real X25519 key exchange via FFI, SecureRandom usage, key zeroization, buffer overflow protection in the Rust FFI layer, and server-side authentication and rate limiting.
23 Medium findings are tracked as GitHub Issues (#101–#108 for Android, #201–#205 for Rust, #301–#310 for backend). These include items such as missing TLS certificate pinning, unsynchronized data structures, and input validation gaps.
Supported Devices
SecureCall requires Android 10 (API level 29) or higher. The app has been tested on the following devices:
| Device | Android Version | Status |
|---|---|---|
| Samsung Galaxy S10 | Android 12 | Primary test device — fully verified |
| Samsung Galaxy S7 | Android 10 | Tested — functional |
| Samsung Galaxy Tab S4 | Android 10 | Tested — functional |
| Google Pixel 5 (Emulator) | Android 12 | Tested — occasional System UI instability |
Minimum Requirements
| Requirement | Minimum |
|---|---|
| Android Version | Android 10 (API 29) or higher |
| Free Space | 50 MB |
| RAM | 2 GB |
| Permissions | Microphone (required for calls) |
| Network | WiFi or mobile data |
SecureCall should work on any Android device meeting the minimum requirements. If you experience issues on an untested device, please report it so we can investigate.
Bug Reports & Feature Requests
If you encounter a bug that is not covered in this guide, or if you would like to request a new feature, please open an issue on GitHub:
When reporting a bug, please include the following information to help us diagnose the problem quickly:
- Device model and Android version (e.g., Samsung Galaxy S10, Android 12)
- SecureCall version (visible in the app's Settings screen)
- Steps to reproduce the issue
- Expected behavior vs. actual behavior
- Network type (WiFi, mobile data, VPN)
- Screenshots or screen recordings if applicable