Loxation

Security & privacy

• All communications with the server are authenticated and encrypted even when you don't give your name
• You control any information that is made available to other people or parties
• When you use the application anonymously, your device is authenticated with Apple (iPhone) and Google (for Android)
• Messages to other people are not stored on the server after transient transmission and transmissions are encrypted using MTS (IETF RFC 9420) key exchange/management and with AES-GCM as the underlying cryptographic algorithm
• Your location is transiently sent to the server for locating other people matching privacy filters you create. Locations are not tracked over time nor after you leave a location
• Beacons: BLE and UWB are used to identify locations and other users in your proximity
• Profiles, messages, and notes you create are specific to these locations and only available at the location they are created at
• Messages are end to end encrypted
• Your private notes are only kept on your mobile device
• No one else is allowed access to your data
• We keep your private data private and on your device, and let you control who has access to your public info
• Your public information is only available at your current location
• We do not sell your data to third parties

Loxation chat

Security & Privacy

• Encrypted and private communications to local users using Bluetooth Low Energy (BLE)
• Compatible with the baseline bitchat protocol, the loxation chat enables location based authentication and geofencing
• Messages are encrypted end-to-end with AES-GCM
• Keys are exchanged using the Noise Protocol for direct messaging and MLS (IETF RFC 9420) for group messaging
• End to end encrypted messages may be routed to known and verified users who are mutual favorites using the websocket protocol (Nostr NIP-17 private direct messaging only)
• Geofenced authentication provider using TOTP one time codes