End-to-end encryption

Our end-to-end encryption (E2EE) security mechanism is foundational for MobileID, as all communication between the SDK integrated into your application and our backend servers uses E2EE.

How does E2EE work?

We achieve this using a public-key cryptography system, where a cryptographic key pair consisting of a public and a private key are used to establish a secure channel for all data exchange

By encrypting all data with the public key before it leaves the device's memory, we guarantee that the information remains confidential and secure throughout the entire transmission process.

Security

The always-on E2EE between the SDK and our server provides a robust defence against a wide range of network-based attacks. We encrypt the data at the application layer, which means that the security of the communication channel itself becomes less critical.

Threat mitigation

For some examples of threats that our E2EE security mechanism can mitigate, see the table below:

Key rotation

Key rotation is a critical security practice that limits the potential impact of a compromised key. It involves generating a new public/private key pair and updating your application to use the new public key.

Regularly rotating your E2EE keys minimises the risk associated with a key being exposed. If a key was ever compromised, then rotating it would make the old key useless for any future communications, securing the channel once again.

Rotation Process

We have designed the key rotation process to be straightforward and manageable, with no downtime for your application's end-users. To learn how to do this, see the steps below:

1. Generate a new key pair

1. Initiate the generation of a new key pair using the Add E2E key endpoint in the MobileID Admin API. This action creates a new public and private key.
2. Once created, the public key becomes available to retrieve from both:
   • The Get E2E key endpoint in the MobileID Admin API
   • The E2E keys tab on the MobileID Details page in the Signicat Dashboard.

2. Update and distribute your app

1. Configure the Encap controller in your mobile application with the new public key. To learn how to do this, see the:
   • Configure the controller section on the Android SDK Getting started page.
   • Configure the controller section on the iOS SDK Getting started page
2. Release an updated version of your app to the Apple App Store and Google Play Store.

3. Transition period

For a period of time, our server accepts data encrypted with both the old and the new public keys. This ensures that end-users who have not yet updated their app can continue to use the service without interruption.

4. Revoke the old key

Once you are confident that the majority of your end-users have updated to use the latest version of your app, you can revoke the old key using the Signicat Dashboard or the MobileID Admin API.

From this point on, only data encrypted with the new key is accepted.