Encryption

What is end to end encryption?

End to end encryption is a method of communication used to keep messages private between only trusted recipients. When you use this messaging platform, your messages are encrypted so that in transit and in storage, they are unintelligible. The recipient needs a cryptographic key in order to decrypt the message. Only the people in the chatroom created for the support chat have that special key: the facilitator (you), the support seeker, and the help bot. They are the only ones who can decrypt and read the messages.

You can read more about this feature on Matrix FAQs or on Wikipedia.

Key Backup

Each time you log in the messaging platform, a new cryptographic key is created. That means that you won't be able to read messages from your previous sessions because the key is different. If you want to have access to your chat history or if you are using the messaging platform on multiple devices, you need to use the Key Backup feature.

The first time you go to log out of your account, you should see a prompt to connect your session to Key Backup. Start key backup

You will then be prompted to enter a passphrase that is different from your password. Enter a passphrase

Then you will get access to your recovery key, which lets you recover your key backups in case you forget your passphrase. Do not lose your recovery key - there is no way to reset your passphrase so if you lose your recovery key you could lose all of your old messages. Save your recovery key

Once you have downloaded or copied the recovery key for your account and click continue, you should see a success message.

The next time you log in, at the end of your session when you log out you will be prompted to connect this session to your key backup. Connect to key backup

If you want to be able to access the messages from this session in the future, you should back up the key. You will need to enter your passphrase again.

Unverified sessions

You may notice that when you are in a chatroom, there is a red security icon next to the Anonymous account name. If you hover over it, it says "Encrypted by an unverified session". Unverified session

This means that the Anonymous account is sending encrypted messages, but the device it was sent from has not been verified. This is to be expected because each support seeker is an unknown entity - we do not save any information about the person or their device.

If you want to verify the account, you can do so by clicking on the "People" icon at the top right menu bar, and then for each device on the account, verify it as follows:

  1. Click on the account name
  2. Click on "Verify"
  3. Click "Use legacy verification (for older clients)"
  4. Click "I verify that the keys match"

You should now get the green security icon! However this is pretty meaningless because as soon as they leave the chat, they will not be able to return to the same chatroom. Even if they start a new chat on the same device, they will have started a new session and they will be unverified again.

Unencrypted chats

In some cases, there may be a failure with the encryption process. This is most likely due to the support seeker using an older browser. If the encryption fails for any reason, the chat will be closed and restarted as an unencrypted chat. From your end, what you will see is that as soon as you join the room or when you send your first message, the "Anonymous" account leaves the room and a new chat invitation will appear almost immediately. In the unencrypted chat room, you won't see the secure encryption icon in the chat window.