Skip to main content
A collection of common questions about the Enigm ecosystem.
Enigm is the private messaging product in the Enigm ecosystem. It provides secure messaging, secure calls, account onboarding, device association, Active Defense, multi-device workflows, VPN Service usage, and Proxy Network traffic separation.
Enigm Command is the web control panel for account lifecycle, device visibility, session control, Enigm Server management, Enigm eSIM management, Enigm Key device visibility, product lifecycle, payment workflows, and managed-device operations.Enigm Command is not a messaging client and does not provide plaintext access to messages, attachments, calls, or private keys.
Enigm Server is a dedicated private messaging environment for approved Enigm users. It supports controlled membership, server ID join requests, administrator approval, region selection, and lifecycle control over server-scoped encrypted content.Server administrators can manage membership and encrypted content availability. They cannot read message plaintext, attachment plaintext, user communications, or private key material.
Enigm OS is a secure operating system designed to provide additional Device Trust, platform hardening, Trust Security Center visibility, network policy controls, controlled device management, and secure update governance.Enigm OS strengthens device posture, but it does not replace end-to-end encryption, user trust decisions, secure messaging architecture, or security awareness.
Enigm Key is a physical emergency key device. It allows a user to trigger an SOS workflow that notifies selected contacts and shares event-bound location information until the user cancels the emergency sending workflow.Enigm Key remains dormant during normal non-emergency operation to support user privacy.
Enigm eSIM is a private connectivity product focused on data-only mobile connectivity. It is purchased and managed through Enigm Command and linked to the user’s Enigm account.Enigm eSIM is separate from secure messaging, end-to-end encryption, VPN Service, Proxy Network, and Device Trust.
No. Enigm provides Enigm eSIM as a commercial facilitation and lifecycle-management service. Enigm is not a mobile network operator, mobile virtual network operator, telecommunications carrier, radio access network operator, or direct issuer of the underlying carrier connectivity.The underlying mobile data service is operated by an independent telecommunications infrastructure provider.
Enigm does not operate the carrier network and does not receive carrier-layer traffic records as part of normal Enigm eSIM operation.Enigm cannot provide carrier network traffic records, carrier IP allocation logs, carrier connection logs, or carrier-side telecommunications records that are held only by an independent telecommunications infrastructure provider.
Standard Enigm account registration is designed to minimize dependency on public identifiers. Enigm does not require email address, phone number, or identity document collection for normal account registration.
Enigm is designed around data minimization, identity minimization, metadata reduction, privacy-preserving identifiers, content confidentiality, and user control.The platform collects and retains only the information required to operate services, provide security functions, maintain platform integrity, support lawful compliance obligations, and preserve operational reliability.
Enigm administrative systems are not intended to provide plaintext access to messages, attachments, secure call content, media, or user conversations.Server-side message storage, where required for delivery, stores encrypted content objects.
Metadata and operational identifiers are minimized, purpose-limited, access-controlled, and protected at rest and in transit. Enigm uses privacy-preserving identifiers where device or lifecycle correlation is required.Some operational identifiers remain necessary to route services, authenticate requests, enforce lifecycle controls, support security monitoring, and maintain platform integrity.
Enigm messaging uses end-to-end encryption. Message access depends on trusted device association and protected key material. Administrative controls do not grant message plaintext access.
Keys are generated on the device. Private key material is intended to remain device-bound, protected by secure device storage, and protected by hardware-backed mechanisms where available.On iOS, protected storage uses Keychain and Secure Enclave capabilities where available. On Android, protected storage uses the platform keystore and hardware-backed key protection where available.
Enigm incorporates post-quantum cryptographic algorithms standardized by NIST as part of its cryptographic architecture.This statement does not mean that Enigm itself is certified, approved, or audited by NIST.
Active Defense is an Enigm App security capability available in production to a selected user pool. It analyzes security-relevant network behavior over a bounded assessment period to help identify suspicious mobile malware or spyware risk patterns.Active Defense does not inspect message plaintext, call content, attachments, media, documents, user conversations, private keys, or recovery phrases.
Device Trust is the evaluation of whether a device should be treated as trusted for account, messaging, or management workflows. Device Trust is separate from Account Trust, administrative authorization, Remote Attestation, and OTA eligibility.
Trust Security Center is the local Enigm OS device trust evaluation system. It evaluates device security signals and presents user-visible trust states: Protected, Review Required, and Inactive.Trust Security Center is not an antivirus and not a numeric security score.
No. Administrative authority can manage lifecycle, membership, devices, sessions, product state, and encrypted content availability where authorized. It does not provide cryptographic authority or plaintext access.
Enigm does not currently provide user data export workflows. Enigm cannot export plaintext messages, plaintext attachments, secure call content, private keys, or data that is technically unavailable.
Yes. Enigm maintains ISO/IEC 27001:2022 certification for the documented certified scope. The public certificate is available in the Security Assurance section.
Enigm maintains private assessment evidence under NDA, including cryptographic assessment, penetration testing, mobile application assessment, infrastructure assessment, and broader security review materials.Public documentation does not publish private reports, sensitive findings, remediation records, internal procedures, or assessment workpapers.