Security Architecture
Mortui implements a defense-in-depth security architecture with multiple layers of protection to ensure user data privacy, system integrity, and secure action execution.
Security Layers
Application Security Layer
- Biometric (fingerprint/face) + PIN with PBKDF2 hashing
- Role-based access with subscription tier enforcement
- Volatile auth state with re-auth on resume
Data Security Layer
- AES-256-GCM encryption for all sensitive data at rest
- Hardware-backed key storage with StrongBox support
- Encrypted SQLite database with Keystore-derived passphrase
Communication Security Layer
- Encrypted network communication for all external services
- Protection against man-in-the-middle attacks
- Secure authentication for Gmail and Outlook integration
Platform Security Layer
- Principle of least privilege for system access
- Utilizes device security hardware where available
- Root/debug detection and anti-tampering measures
Multi-Factor Authentication
Mortui implements a comprehensive authentication system with multiple layers to protect configuration access while allowing background operations to execute autonomously.
- Fingerprint or face unlock via BiometricPrompt API
- PBKDF2-style hashing with 10,000 iterations and salt
- Device ID-based code + security questions (≥50% correct)
Rate Limiting Protection
Exponential backoff protects against brute-force attacks:
| Failed Attempts | Lockout Duration |
|---|---|
| 5 | 30 seconds |
| 10 | 5 minutes |
Lockout timer resets on successful authentication.
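The salted PIN hash and the lockout table above can be combined into one verifier, sketched here as an added example (not Mortui's own code). The `PinGate` class, the 16-byte salt, HMAC-SHA256 as the PRF, and the handling of failure counts between the two table rows are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 10_000                   # iteration count stated on the page
LOCKOUT_STEPS = [(5, 30), (10, 300)]  # (failed attempts, lockout seconds) from the table


def hash_pin(pin, salt=None):
    """Return (salt, derived_key); draws a fresh 16-byte salt when none is given."""
    salt = os.urandom(16) if salt is None else salt
    # Assumption: HMAC-SHA256 as the PRF; the page only says "PBKDF2-style".
    return salt, hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, ITERATIONS)


def lockout_seconds(failed):
    """Lockout for a failure count; counts between rows keep the lower row (assumption)."""
    duration = 0
    for threshold, seconds in LOCKOUT_STEPS:
        if failed >= threshold:
            duration = seconds
    return duration


class PinGate:
    """Hypothetical verifier: stores only salt + derived key, never the PIN."""

    def __init__(self, pin):
        self.salt, self.digest = hash_pin(pin)
        self.failed = 0
        self.locked_until = 0.0

    def verify(self, pin, now):
        if now < self.locked_until:
            return False  # locked out: reject without hashing or counting
        _, candidate = hash_pin(pin, self.salt)
        if hmac.compare_digest(candidate, self.digest):  # constant-time compare
            self.failed, self.locked_until = 0, 0.0      # success resets the lockout
            return True
        self.failed += 1
        self.locked_until = now + lockout_seconds(self.failed)
        return False
```

A short numeric PIN has little entropy, so the lockout schedule and hardware-backed storage carry more of the protection than the hash alone. OWASP's current guidance for PBKDF2-HMAC-SHA256 is 600,000 iterations.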
Encryption & Key Management
AES-256-GCM Encryption
All sensitive data is encrypted using AES-256-GCM, the same encryption standard used by governments and financial institutions worldwide.
- 256-bit key length
- Galois/Counter Mode for authenticated encryption
- 12-byte random IV per encryption
- 128-bit authentication tag
SQLCipher Database
The entire database is encrypted at rest using SQLCipher 4.5.4, providing transparent AES-256 encryption of all data, indexes, and journals.
- Keystore-derived passphrase
- Full database file encryption
- WAL and journal file protection
- Backup exclusion via Android rules
Android Keystore
Hardware-backed key management using Android Keystore with StrongBox support for devices that have secure hardware elements.
- Keys never leave secure hardware
- StrongBox backed when available
- Background service compatible
- AES256_GCM key scheme
Secure File Deletion
DoD 5220.22-M compliant secure deletion ensures files are irrecoverably destroyed through multi-pass overwriting.
- 3-pass overwrite (random, zeros, ones)
- Filename obfuscation before delete
- fsync() to force disk writes
- Configurable pass count
Additional Hardening
FLAG_SECURE
Blocks screenshots and screen recording on all activities. ADB screencap returns black.
PII Redaction
No PIN, passphrase, secret, or emergency code values are ever written to logcat.
R8 Obfuscation
Release builds use minification and resource shrinking with R8 for obfuscated DEX output.
Security Audit System
Mortui includes a comprehensive security scoring system that evaluates your configuration and provides recommendations for improvement.
- PIN configuration validation (30 points)
- Permission status checks (25 points)
- PIN strength analysis (20 points)
- Biometric configuration (15 points)
- Emergency recovery setup (10 points)
Security Levels
Open Source Transparency
Mortui's entire codebase is open source, allowing for full security audit capability. Review our implementation and contribute to improvements.