Security Architecture
Mortui implements a defense-in-depth security architecture with multiple layers of protection to ensure user data privacy, system integrity, and secure action execution.
Security Layers
Application Security Layer
- Fingerprint + PIN with PBKDF2 hashing (face unlock opt-in)
- Role-based access with subscription tier enforcement
- Volatile auth state with re-auth on resume
Data Security Layer
- AES-256-GCM encryption for all sensitive data at rest
- Hardware-backed key storage with StrongBox support
- Encrypted SQLite database with Keystore-derived passphrase
Communication Security Layer
- Encrypted network communication for all external services
- Protection against man-in-the-middle attacks
- Secure authentication for Gmail and Outlook integration
Platform Security Layer
- Principle of least privilege for system access
- Utilizes device security hardware where available
- Root/debug detection and anti-tampering measures
Multi-Factor Authentication
Mortui implements a comprehensive authentication system with multiple layers to protect configuration access while allowing background operations to execute autonomously.
- Strong fingerprint authentication (Class 3 / BIOMETRIC_STRONG) via BiometricPrompt. Face unlock is opt-in under Security settings, because most Android face implementations are Class 2 and insufficient for security-critical actions.
- PIN stored as a salted PBKDF2-style hash with 10,000 iterations
- Device ID-based recovery code
Rate Limiting Protection
Exponential backoff protects against brute force attacks:
| Failed Attempts | Lockout Duration |
|---|---|
| 5 | 30 seconds |
| 10 | 5 minutes |
Lockout timer resets on successful authentication.
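The PIN hashing and lockout schedule described above, as an added Python sketch that is not Mortui's own code. The HMAC-SHA256 PRF, the 16-byte salt, the PinGate class and the rule that every failure at or past a threshold starts that tier's lockout are assumptions; the iteration count and lockout durations are the page's.

```python
import hashlib
import hmac
import os

ITERATIONS = 10_000  # iteration count stated on this page
LOCKOUT_TIERS = [(10, 300), (5, 30)]  # (failed attempts, seconds) from the table


def hash_pin(pin: str, salt: bytes) -> bytes:
    # Assumption: HMAC-SHA256 as the PBKDF2 PRF; the page does not name one.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, ITERATIONS)


def lockout_seconds(failures: int) -> int:
    """Lockout duration for a failure count (0 below the first tier)."""
    for threshold, seconds in LOCKOUT_TIERS:
        if failures >= threshold:
            return seconds
    return 0


class PinGate:
    """Hypothetical verifier: salted PBKDF2 hash plus tiered lockout."""

    def __init__(self, pin: str):
        self.salt = os.urandom(16)  # assumption: 16-byte random salt
        self.stored = hash_pin(pin, self.salt)
        self.failures = 0  # must be persisted, or an app restart clears it
        self.locked_until = 0.0

    def verify(self, pin: str, now: float) -> str:
        # `now` should come from a monotonic clock so that changing the
        # wall-clock time cannot shorten a lockout.
        if now < self.locked_until:
            return "locked"  # rejected without hashing or counting
        candidate = hash_pin(pin, self.salt)
        if hmac.compare_digest(candidate, self.stored):  # constant-time compare
            self.failures = 0  # success resets the lockout state
            self.locked_until = 0.0
            return "ok"
        self.failures += 1
        # Assumption: each failure at or past a threshold restarts that tier.
        self.locked_until = now + lockout_seconds(self.failures)
        return "denied"
```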
Encryption & Key Management
AES-256-GCM Encryption
All sensitive data is encrypted using AES-256-GCM, the same encryption standard used by governments and financial institutions worldwide.
- 256-bit key length
- Galois/Counter Mode for authenticated encryption
- 12-byte random IV per encryption
- 128-bit authentication tag
SQLCipher Database
The entire database is encrypted at rest using SQLCipher 4.5.4, providing transparent AES-256 encryption of all data, indexes, and journals.
- Keystore-derived passphrase
- Full database file encryption
- WAL and journal file protection
- Backup exclusion via Android rules
Android Keystore
Hardware-backed key management using Android Keystore with StrongBox support for devices that have secure hardware elements.
- Keys never leave secure hardware
- StrongBox backed when available
- Background service compatible
- AES256_GCM key scheme
Encrypted File Vault
Your secure on-device vault for sensitive files, email attachments, and structured data. Import files freely and export them whenever needed — you maintain full control.
- AES-256-GCM streaming encryption
- Built-in CSV viewer and table builder
- Import/export files at will
- UUID filenames prevent metadata leakage
- Files never leave device unencrypted
- Attach vault files to recipient messages
Secure File Deletion
DoD 5220.22-M compliant secure deletion ensures files are irrecoverably destroyed through multi-pass overwriting.
- 3-pass overwrite (random, zeros, ones)
- Filename obfuscation before delete
- fsync() to force disk writes
- Configurable pass count
Additional Hardening
FLAG_SECURE
Blocks screenshots and screen recording on all activities. ADB screencap returns black.
PII Redaction
No PIN, passphrase, secret, or emergency code values are ever written to logcat.
R8 Obfuscation
Release builds use minification and resource shrinking with R8 for obfuscated DEX output.
Security Audit System
Mortui includes a comprehensive security scoring system that evaluates your configuration and provides recommendations for improvement.
- PIN configuration validation (30 points)
- Permission status checks (25 points)
- PIN strength analysis (20 points)
- Biometric configuration (15 points)
- Emergency recovery setup (10 points)