B
BABYLON

Security & Privacy

Built on cryptographic principles. Auditable. Transparent. No compromises.

Encryption Architecture

End-to-End Encryption

Signal Protocol for group chats. All messages encrypted before leaving your device.

Perfect Forward Secrecy

Compromised keys don't expose past messages. Each message has unique encryption.

No Backdoors

Open source code. Auditable by security researchers. No government access.

Signal Protocol Details

Protocol: Double Ratchet Algorithm

Key Exchange: X3DH (Extended Triple Diffie-Hellman)

Encryption: AES-256-GCM

Hashing: SHA-256

Implementation: libsignal-protocol (battle-tested, used by Signal, WhatsApp, others)

Privacy by Design

No phone number collection or storage
No automatic contact synchronization
No tracking cookies or analytics
No data selling to third parties
No metadata tracking (who talks to whom)
No location tracking
No device fingerprinting

What We Collect

Minimal data collection. Only what's necessary for the service:

  • • Username (for identification)
  • • Optional profile picture (encrypted)
  • • Messages (encrypted end-to-end)
  • • Group membership (encrypted)

Compliance & Standards

DSGVO Compliant

Full compliance with EU General Data Protection Regulation. Your data, your rights.

EU Server Location

All data stored in EU data centers. Subject to DSGVO, not US jurisdiction.

Open Source

Code available for independent security audits. Transparency by design.

No Backdoors

No government access. No law enforcement backdoors. No exceptions.

Security Practices

Code Security

  • • Open source for community audits
  • • Regular security reviews
  • • Dependency vulnerability scanning
  • • Responsible disclosure program

Infrastructure Security

  • • End-to-end encryption (messages never decrypted on server)
  • • TLS 1.3 for all connections
  • • Rate limiting and DDoS protection
  • • Regular security audits

Data Protection

  • • Encrypted backups (user-controlled keys)
  • • Automatic old data deletion
  • • User export functionality
  • • Account deletion (all data removed)

Incident Response

  • • 24/7 security monitoring
  • • Rapid response team
  • • Transparent incident reporting
  • • User notification within 72 hours

Trust Through Transparency

We believe security shouldn't require blind faith. Our code is open, our practices are transparent, and our commitment to privacy is absolute.

100%

Open Source

0

Backdoors

Privacy

Security You Can Trust

Join thousands of users who value privacy and security. Experience messaging without compromise.