Our Commitment to Your Security

At SecureShare, we take the security and privacy of your shared secrets seriously. Our platform is designed with state-of-the-art encryption and security measures to ensure that your sensitive information remains confidential and protected. Here's how we safeguard your data:

Open Source Transparency

We believe in the power of transparency to enhance security. That's why our software is open source:

  • Our entire codebase is publicly available for review.
  • Security experts and developers worldwide can inspect, validate, and contribute to our security measures.
  • You don't have to take our word for it – you can see exactly how we protect your data.

End-to-End Encryption

We use advanced AES-GCM (Advanced Encryption Standard in Galois/Counter Mode) encryption to protect your secrets. This means:

  • Your secret is encrypted on your device before it ever reaches our servers.
  • We never see or store your unencrypted secret.
  • Only the intended recipient with the correct decryption key can read the secret.

One-Time Viewing

To further enhance security:

  • Each secret can be viewed only once.
  • After viewing, the secret is permanently deleted from our servers.
  • Subsequent attempts to access the same link will show that the secret has already been viewed.

Secure Storage

While your encrypted secret is stored on our servers:

  • It's kept in a secure database with strict access controls.
  • We use Amazon Web Services (AWS), a leader in cloud security, to host our infrastructure.
  • Your secret is associated with a randomly generated public ID, not your personal information.

Secure Transmission

We ensure secure data transmission:

  • All data transmitted between your device and our servers is protected using HTTPS.
  • We employ additional encryption on top of HTTPS for an extra layer of security.

No Logging of Sensitive Data

We prioritize your privacy:

  • We don't log or store the contents of your secrets.
  • Once a secret is viewed and deleted, it's gone forever.

How It Works

  • Encryption: When you create a secret, it's encrypted with a unique key generated just for that secret.
  • Storage: Only the encrypted version of your secret is stored on our servers.
  • Sharing: You receive a secure link containing the secret's ID and the decryption key.
  • Viewing: When the recipient opens the link, the encrypted secret is retrieved and decrypted in their browser.
  • Deletion: After viewing, the encrypted secret is immediately and permanently deleted from our servers.

Your Role in Security

While we provide a secure platform, you play a crucial role in maintaining the confidentiality of your shared secrets:

  • Ensure the intended recipient is the only one with access to the secure link.
  • Encourage recipients to view the secret promptly, as it will be permanently deleted after viewing.

Verifying Our Security

We encourage you to:

  • Review our open-source code on Github.
  • Contribute to our project if you have suggestions for improvements.
  • Report any security concerns through our responsible disclosure program.

At SecureShare, we're committed to continuously improving our security measures to provide you with the most secure secret-sharing experience possible. Our open-source approach ensures that this commitment is transparent and verifiable.

Created by Mohamed Hassan