Every bit of information is a door to your world. It's your life. We believe your life deserves protection and you should decide who to let in — who to trust. Below, we explain the steps we take to protect your life from others who wish to harvest it, and the vulnerabilities that may exist, so you can make an informed decision.
We considered numerous security designs, each with their own advatages and tradeoffs, when building Metamorphic.
We chose an approach that we felt best met our goals for privacy, data ownership, protection of personal information, and our environment.
We feel this approach best serves our goal of being (1) easy to use, (2) private, and (3) secure. Arguably the biggest sticking point for ease of use, is the two-factor authentication. But, that alone increases the security of your individual account by mountains of magnitude, so we felt it was worth it.
In terms of privacy, the biggest factor is people not having control over who they're sharing their information with. That loss of control begins and ends with the company behind the service. We eliminate that problem by applying password-derived asymmetric encryption for each person's account. That means that only you can ever access your account (don't lose or forget your password!) and its data.
This creates something we're particularly proud of: in-app encryption. It happens transparently, behind-the-scenes, and enables you to keep your information (photos, letters, etc.) private to your eyes only (and whoever you choose to share with). We then wrap that encryption in a second layer of at-rest encryption to further protect your data during storage. Lastly, any information sent outside the system, like an email, utilizes in-transit encryption to protect it on its journey.
Lastly, we implement access control policies for our company as well as service, which means that (1) there is no single set of log in credentials that provide access to the entire system; and (2) other people using the service cannot see anything that you haven't explicitly shared with them.
Our security features help protect you without getting in your way. We focus on security so that you can focus on sharing and connecting with the people in your life.
We implement strong encryption to protect your account and data. Encryption keeps you safe.
Optional and easy 2FA enables strong account security without getting in your way.
When you delete something, it's gone instantly (forever after 7 days). Easy and under your control.
Passwords are checked against haveibeenpwned on registration and log in to alert you to data breaches.
Receive the info you need to accept/decline a new relationship without revealing anything.
Your key is derived from your password (which is unknowable), so only you can decrypt your data.
System wide access control ensures strangers (corporate or otherwise) do not have access to your data.
Only the people you choose can connect, share, and see information about you.
Security in a sea of surveillance
There is no question that encryption keeps us safe. We have used a combination of asymmetric and symmetric encryption to keep your data (your life), safe — even from us. However, there are still considerations to keep in mind.
Since Metamorphic is currently only a web server application, we don't have "total" control over the client's privacy and security because the client is the browser. As long as you are accessing something through a browser, your privacy and security are in the hands of that browser. This is why we recommend Mozilla's FireFox (or Tor) for desktop and DuckDuckGo's app for mobile.
With that in mind, we have implemented in-app encryption to ensure only you can decrypt your data (not even us), strong encryption for all data at rest, strong authorization protocols, and isolated access control systems with separate account credentials.
You can further protect your privacy and security while using Metamorphic with these simple steps:
Remember, with any other browser, someone is looking over your shoulder.
We use the NaCl/libsodium libraries for our in-app, asymmetric encrytion and AES-256-GCM with random initialization vectors for encrypting data at-rest. At-rest encryption keys are rotated on a periodic basis and require separate login and two-factor authentication credentials to access.
This encrypted information is always sent over HTTPS and any emails sent by our application are delivered with TLS by default.
All account sessions are encrypted, salted, and signed to prevent tampering.
Data that needs to be queried during a person's use of Metamorphic is hashed with HMAC and SHA-512.
All passwords in Metamorphic are unknowably hashed and salted with the Argon2id key derivation function.
We can never access, nor know, your passwords.