A glimpse into our security.

The proof is in our platform. Cloaked is built so you are the sole holder of your data.

Layers of encryption

  • Client-Side Encryption
    Cloaked Data is protected with your master password which we don't have access to.
  • Zero-Knowledge Access
    All messages, emails, and texts are encrypted inside Cloaked.
  • User-Unique Databases
    A unique database for each user, distributing data and creating an encrypted barrier between Cloaked and user data.
  • Client-Side Encryption
    Cloaked data is protected with your master password which we don't have access to.
  • Zero-Knowledge Access
    All messages, emails, and texts are encrypted inside Cloaked.
  • User-Unique Databases
    A unique database for each user, distributing data and creating an encrypted barrier between Cloaked and user data.

State-of-the-art account security

Two-factor authentication, user-held security keys, password protection, and more—Cloaked provides powerful security features, and encrypts user data to keep the power in our user’s hands.

Data minimum; privacy maximum

Cloaked limits data collected, and is transparent in its use. 
Our goal: limit data collected, while continuing to provide Cloaked’s best-in-class consumer privacy experience.

Download our white paper on security practices

7.4 MB download | 36 Pages

ISO 27001 Certified
Security
ISO 27701 Certified
Privacy
IAPP member
SOC 2 Type 1 2023
Audit Complete
SOC 2 Type 2 2023-2024
Audit Ongoing

Awarded and reviewed by top security organizations.

Partners and associate organizations around the world recognize Cloaked takes security, seriously.

Frequently Ask Questions

Is Cloaked End-to-End Encrypted?

add
  • Yes. Cloaked uses best-in-class encryption and hashing for all data at-rest. Cloaked encrypts communication between the user and server with TLS encryption. User data including passwords, usernames, notes, and more, are encrypted with the user’s private key.
  • Due to the nature of the email and SMS protocols, sending and receiving of emails and text messages are not encrypted with your key outside of Cloaked.

What information can Cloaked link to an account/between identities?

add
  • Cloaked phone numbers and Cloaked emails are used for accurate routing, and are encrypted both at-rest and in-transit. Texts and email messages are stored encrypted with your private key and cannot be read by Cloaked.

Does Cloaked support hardware keys or MFA outside of SMS and Email?

add
  • MFA currently supports SMS and Email. Physical keys and other methods of support are on the roadmap.

What is the benefit of unique databases?

add
  • When Cloaked stores user data, the unique database has unique keys for each user’s database. Operations performed with user-specific keys increases security and privacy for the already-encrypted data going into the user's database.

How secure is Cloaked’s encryption?

add
  • Cloaked uses ECC25519, Argon2, and Xsalsa20-Poly1305 for hashing and encryption approaches for user data, to remain highly secure.
Still have questions? Check the help center or email us at [email protected]

Join the conversation on Discord