Peace of mind in your pocket

No matter where you go, your smartphone is under constant attack from criminals, corporate spies and foreign governments. Professionals around the world trust their Armadillo Phone to protect them. They travel anywhere safely using it's decoy passwords and advanced hacking protection. Combined with security peripherals, an Armadillo Phone can secure itself physically and digitally. Decentralized encryption protects all communications. Cameras or microphones can even be removed. No other phone offers the same level of defense.

Security

Armadillo Phone uses a minimalist operating system that proactively defends against hackers. Cameras, microphones and fingerprint scanners can be physically removed. If you're being tortured or searched you can reveal a decoy password to enter a separate decoy mode. Enter a wipe password to erase your device. Our unique anti-theft beacon will shutdown your phone if it's stolen and our NFC access card provides additional authentication to access your data. Enhanced memory protection neuters hacking attacks that target other phones. All communications are encrypted using the strongest zero-trust protocols to prevent interception. Lockscreen improvements mitigate shoulder-surfing. Use our control panel to easily monitor and secure thousands of devices. Our network is monitored by a team of professionals waiting to defend against hackers. Regular updates keep you patched against the latest vulnerabilities. We even pay outside security experts to audit our services and keep us prepared.

Privacy

We value our customer's privacy and this is why we offer anonymous payment methods and require no personal information to purchase. Our offshore servers and Canadian privacy laws help protect you from international government surveillance. We operate on a "zero-trust" basis, so we never have access to a user's messages or encryption keys. You can even purchase your own server to maintain total control of your metadata.

Protect yourself now

Features

Tamper-resistant packaging

All our packaging and shipments are sent with tamper-evident seals to prevent your orders from being intercepted and physically modified. Package interdiction is a common method state-sponsored attackers use to compromise your security.

Device inspection

Devices are disassembled and inspected prior to being sent to make sure we haven't received any tampered or modified phones.

Secure hardware

Cameras, microphones and fingerprint sensors can be removed to prevent compromise in the unlikely event your Armadillo Phone is hacked. Headphones with in-line microphone are provided to make secure phone calls. We use the Nexus 5X for our platform, a highly-audited smartphone with guaranteed security updates and security bounties of up to $350,000 for vulnerabilities.

Deniable Encryption

Armadillo Phone uses multiple passwords to allow you to hide your secrets, even when you're forced to give them up. The encryption is also strengthened, making bruteforcing attacks extremely difficult.

Use your secret password to access your real data.
Use your decoy password to access your decoy data.
Use your wipe password to erase your data.

Zero-Day Protection

A stripped down operating system, combined with advanced memory protection and code sanitization make memory corruption vulnerabilities that affect other phones extremely difficult to exploit. We use memory-safe programming languages whenever possible to further prevent attacks.

Security Peripherals

Armadillo Phones include security peripherals that combine with your phone to enhance security.

Anti-Theft Beacon: Prevent theft or forensic seizure by automatically shutting down when disconnected.
NFC Access Card: Authenticate for an additional level of protection.

Proactive defense

Our applications monitor suspicious activity, alert the user and prevent attacks before they happen.

Radio Sentinel: Monitor cellular or Wi-Fi networks for attacks and disconnect them.
RAM Sentinel: Monitor the temperature for cold-boot attacks and shutdown if too cold.
Theft Sentinel: Alarm and shutdown the phone if the anti-theft beacon is disconnected.

Zero-Trust Communication

Our communications applications use end-to-end encryption to protect your messages. Even if our server is hacked your conversation is still secure.

Chat: Secured using OMEMO encryption.
Email: Secured using PGP-N encryption.
Voice: Secured using ZRTP encryption.

Productivity

Enhance your business productivity without compromising security.

Calendar: Offline calendar to plan events.
Notepad: Offline notepad to store your thoughts.
PDF Viewer: Open and view PDF files securely.
Tasks: End-to-end encrypted task planner to collaborate with your co-workers.

Decentralized

Don't allow international third-parties to control your metadata. Protect yourself with our included offshore communications network or use your own. We can supply you with private servers completely under your control.

Technical Details

  • Storage Encryption

    -AES-256-XTS block-level FDE
    -Block-level FDE isntead of Android's file-based encryption which leaks metadata -Scrypt work factors increased to 20:3:1
    -Minimum 8-character password
    -Completely software-based
    -Keymaster and gatekeeper disabled
    -Normal password for deniable encryption
    -Secret password stored at randomized offset
    -Secret volume is hidden inside unused portion of decoy data
    -Wipe password in footer to erase device
    -Separate lockscreen password
    -Password verification order randomized at runtime to prevent timing attacks

  • Memory Protection

    -Enhanced KASLR and userland ASLR
    -Increased ASLR entropy
    -Several PaX patches ported
    -Zygote uses exec() spawning instead of fork()
    -Improved SELinux rules
    -Hardened malloc implementation
    -Stack and heap canaries detect overflows
    -Enhanced FORTIFY_SOURCE implementation
    -Function pointer protection
    -Restrictive compile-time sanitization
    -Additional attack surface reduction

  • Communication Encryption

    -All connections made using pinned TLS 1.2 connections with 4096-bit certificates
    -Metadata can be further protected by enabling optional VPN
    -Verify encryption keys using manual verification, QR code, SMP or NFC
    -Voice uses ZRTP encryption
    -Chat uses OTR + OMEMO encryption
    -Email uses PGP-N encryption
    -Email uses randomized subjects
    -Email uses pinned TLS 1.2 connection to keyserver
    -Email requires 4096-bit PGP keys

  • Sentinels

    -Radio Sentinel: Monitors WiFi networks for ARP poisoning. Monitors cellular networks for 2G networks, performs sanity checks and compares cellular towers to a database of known network
    -RAM Sentinel: Monitors temperature to prevent cold-boot attacks
    -Theft Sentinel: Connects to anti-theft beacon over BLE, alarms both beacon and phone if disconnected. If phone isn't unlocked or beacon isn't reconnected within 5 minutes the phone will shutdown.

  • Interface

    -Easy-to-use UI without confusing technical terms
    -Get help from our team instantly through built-in apps
    -Control overall security level with a simple widget
    -Low security: browser enabled, insecure communication enabled, secure applications disabled
    -Medium security: browser disabled, insecure communication enabled, secure applications enabled
    -High security: browser disabled, insecure communication disabled, secure applications enabled, Sentinel applications activated, VPN enabled, USB file transfer disabled

Ready to protect yourself?

Your attackers aren't going to wait for you to decide...