The main principle of Dekko is that no data passed through the network can be decrypted using information on the servers. This means that even the creators of Dekko and the administrators of the data centre or servers cannot see users’ data. The encryption and decryption process only occurs on the users’ device.
Dekko uses several well-known and proven encryption techniques, including AES and ECC. AES is proven to be reliable and efficient. Dekko uses ECC for encrypting and signing all data while many others use RSA for the same purpose. ECC is more efficient encryption system, both in terms of security and performance.
When a new message is created it is assigned a unique key before being encrypted with AES; this ensures that no two messages are the same even if multiple users have the same password. The message recipients’ public key is also added to the message before it is signed by the senders’ private key to ensure the message cannot be tampered in delivery. Changing the digital signature is impossible as it requires senders’ and receivers’ keys, the senders’ private key is never passed across the network and the receivers’ key is always encrypted.
A MiTM is a common cyberattack where a malicious actor intercept, send and receive data meant for somebody else, or not meant to be sent at all, without either party knowing before it’s too late. This situation cannot occur in Dekko due to the multi-layer encryption, no master keys and digital signing for every message.
Dekko’s system architecture is based on a central server just like a regular email system but the key difference is that all data is stored in encrypted format using the private keys from the users. There is no master key that can be used to decrypt the data so messages and documents are totally safe and immune from data poisoning
Dekko’s storage uses Eloquera; a modern open standard database designed for the cloud with clustering support for high availability and disaster recovery. The Dekko system has multiple database and frontend servers to ensure no single point failure will effect operations. In addition data backup is real-time to off-site server so there can be no data loss.
Dekko’s default hosting partner is Microsoft Azure which is available in 140 countries through 17 regions. If your data hosting requirements demand higher levels of security such as Tier 4 or jurisdiction must be local in your own country not covered by Microsoft Azure we will consider alternative based on the opportunity. Dekko also has optional service where we can install on premise if required.
When a user logs onto the dekko system they enter their password which is then ‘salted’ to create a unique hash which is sent to the dekko server for identification. The ‘salt’ ensures every user is unique even if users have the same password. Every time the sender logs in, dekko records the time and location in its audit trail which is periodically checked for unusual activity.
Now we all know that we should use strong passwords but in the unlikely event that several dekko users have been careless and even used the same password such as “123456”, Dekko still ensures each user is unique by password hash and ‘salt’ combination.
When the recipient opens a new message the delivery has been successful the sender is notified.
Dekko is designed for business unlike many competing solutions which focus more on anonymity for privacy. In business there are many situations where you need the confidence that the discussion and documents need to remain private and within a trusted group of colleagues. In Dekko we call this a circle (similar to a domain) where member names forms part of their identification ie john@IBM. All the members of the circle are visible in a shared address book along with their online status.
One member is nominated as administrator to send out initial group invitations but following that any user can be authorised to invite other new members if needed. This admin function is simple and designed for business users not IT.
Each circle has their own group policies; such as
Dekko circles can also be linked through whitelist registry to allow users to communicate across circles. This may be useful for global organizations across continents’ or even different companies eg. Merger Acquisitions deals, sharing IP for manufacturing etc. In this situation both circle administrators need to approve link request.
We expect some companies; especially large organizations may not be interested in Dekko running on public cloud and may prefer to host solution in their private cloud or on premise. We support this option and will advise your hardware requirements and assist with Dekko software setup and customised ongoing support.
Last but not least since the Dekko’s name structure is not using standard email format - no spam.
With unparalleled security & privacy we mean:
Dekko provides a response to security threats including:
Yes, but with the proviso that we store your password encrypted, so if your password is very simple it is possible that a highly sophisticated hacker could discover it using brute force techniques. You only need one password to use Dekko so make it a good one. Characters and numbers (and at least 8 of them) are good.
Ownership of your data always remains with you and regulators must negotiate any access directly. In fact, of course, we literally have no way to share your information. Having said that, Dekko is not an anonymous system and we do keep meta data regarding the use of the system
This is catastrophic as we have no way of retrieving it for you. However there is a solution. Nominate trustees who you can contact if you lose your password. They, like us, do not have access to your password, but you can ask them to give you the ability to reset your password.
This is a matter of policy. For example, all messages can be automatically copied to a corporate account. Dekko does not impose rules – it fits into the way a business actually operates.
We like to think that we have designed a better and entirely secure solution for messaging and data storage. We started with a clean slate and the benefit of years of experience. After all, those mega companies depend on targeted marketing for their business models. They want to read your data, and use it in order to generate revenues to survive. Dekko survives only on modest fees for the service it provides.