Frequently Asked Questions

We are a private company based in Zug, Switzerland, operating with complete independence. We have no ties to and receive no funding from Big Tech. We believe that personal data should never be used for enrichment. You are the owner of your own data. This is why we build services requiring the absolute minimum amount of personal information.

Geography is part of our security model. Switzerland offers three critical advantages:

• Outside "14 Eyes": Switzerland is not part of the US/EU mass surveillance intelligence alliances.
• Legal Protection: The Swiss Federal Data Protection Act (FADP) is one of the strictest in the world.
• Neutrality: Political stability allows us to operate without government interference.

Because the current internet is broken. Today, "free" services (like Gmail or Meta) come at the cost of your digital soul. Your location, conversations, and habits are auctioned to the highest bidder.

We believe privacy is a fundamental human right, not a setting to be toggled. We built Arpokrat so you can communicate without being traced, profiled, or sold.

No. "Trust us" is a security hole. That is why we built a Zero-Trust Architecture. We don't ask for your trust; we prove our integrity through open-source code and mathematics. Our systems are designed so that even if we wanted to spy on you, we couldn't. We cannot read your messages or access your keys.

No. Absolute Zero. You will not find a "Cookie Banner" on this site because we have nothing to declare. We do not track your behavior, we do not use analytics, and we do not serve ads. Our website is stateless and respects your browser's privacy settings by default.

No. We provide the software (ArpokratOS), but you must provide the hardware (Google Pixel). This is a deliberate security choice called Supply Chain Security.

If we shipped you a phone, it could be intercepted and tampered with during shipping (interdiction). By buying a sealed Pixel locally and flashing it yourself via our WebFlasher, you guarantee that the hardware has not been compromised.

Our policy is summarized in one sentence: We cannot leak what we do not collect.

We keep zero logs. We know zero metadata. We require zero personal information. Our servers run on RAM-disk and are wiped instantly upon power loss. For the full legal details, please read our Privacy Policy.

Yes, coming soon. We are currently developing a dedicated B2B ecosystem for corporations, journalists, and legal firms requiring defense against industrial espionage. This will include Fleet Management and private hosted nodes. Contact us for early access.

No. There are no user accounts, no passwords to reset, and no emails to verify.

Currently, we strictly support the Google Pixel 8. We are working on expanding support to the Pixel 8 Pro, 8a, and the Pixel 9 series in the near future.

Security requires specific hardware. The Google Pixel 8 is equipped with the Titan M2 security chip, which allows for Verified Boot with custom cryptographic keys. Other brands (Apple, Xiaomi, Samsung) operate as "walled gardens" and do not allow us to fully replace the operating system at the root level without compromising security integrity.

No. You do not need to be a developer. We have simplified the process into a few detailed steps. If you can follow a recipe, you can secure your phone.

"Flashing" is the process of completely wiping the stock Android operating system provided by Google and replacing it with ArpokratOS. It overwrites the internal memory of the phone to ensure no trace of the original software remains.

You will need a computer and a USB cable. Simply follow our step-by-step guide available here: How to Install.

Yes. The entire disk is encrypted using high-entropy keys derived from your password and the Titan M2 chip. Without your password, the data is mathematically indistinguishable from random noise.

Consider it a brick. Since we do not hold your keys, no one can decrypt it. Your data remains inaccessible forever.

We recommend a strong alphanumeric password (letters, numbers, symbols) of at least 8 characters. A simple 4-digit PIN is not sufficient against modern brute-force attacks.

The device initiates a Security Wipe. All data on the phone is instantly and irreversibly cryptographically wiped. This protects you if someone tries to force-guess your password.

The Nuke PIN is a duress code. If someone forces you to unlock your phone under threat, you enter this specific password. All data on the phone will be instantly and irreversibly wiped.

This is a physical trigger (a specific combination of button presses) that allows you to wipe the phone instantly from your pocket, without needing to look at the screen.

If the phone is not unlocked for 4 hours, it reboots. This flushes the RAM (volatile memory) where encryption keys are temporarily held while the phone is active. This puts the phone back into a "Before First Unlock" (BFU) state, which is the most secure state against extraction.

No. The GNSS (Global Navigation Satellite System, commonly known as GPS) driver is disabled at the Kernel level. The Kernel is the core program that manages the phone's hardware. By disabling it there, we ensure that the hardware simply cannot communicate your location to the software.

You cannot update via the internet (OTA). To update, you must re-flash the phone. We disabled Over-The-Air updates because they represent a significant remote attack vector. Security requires effort.

Yes, using the pre-installed privacy browser and the search engine DuckDuckGo. We strongly advise against using Google or Bing, as this defeats the purpose of the phone.

Technically, yes, by downloading the APK file (Android Package Kit, the installer file for apps) directly. However, we strongly advise against installing third-party apps. Every app you install increases your attack surface and potential for data leakage.

Yes, standard GSM calls and SMS work if you insert a SIM card. However, these are not encrypted and can be intercepted by telecom providers. We recommend using the native Arpokrat Messenger for all communication.

Not yet. We are currently developing a secure, metadata-free email client. For now, ArpokratOS is focused on instant communication.

The license is tied to the device to ensure security integrity. If you switch to a new phone, you will need to purchase a new license.

Yes. While ArpokratOS is exclusive to Pixel, the Arpokrat Messenger application is available on the iOS App Store, Google Play Store and F-Droid. It is compatible with all modern smartphones. We are also developing desktop versions for Windows, Mac, and Linux, coming soon.

Standard encryption used by apps like Signal or WhatsApp will likely be broken by future Quantum Computers (a threat known as "Harvest Now, Decrypt Later"). Arpokrat Messenger protects you against this future threat today by using next-generation algorithms (Kyber/Dilithium) that are mathematically resistant to quantum attacks.

No. Absolutely nothing. Your identity is a cryptographic key pair generated locally on your device. We do not know who you are, and we do not link your account to any real-world identity.

Yes. Every message, file transfer, voice call, video call, and transaction is End-to-End Encrypted (E2EE). Only you and the recipient can decrypt the content. Even we cannot see it.

None. We use the SimpleX protocol, which changes the paradigm entirely. Unlike other apps, Arpokrat Messenger has no user identifiers (no phone numbers, no emails, not even random user IDs). The relays only see temporary, anonymous message queues. They cannot build a "social graph" of who is talking to whom.

Since there are no phone numbers, you connect via a Direct Exchange. You can scan your contact's QR Code in person, or generate a unique "Deep Link" inside the app and share it via another secure channel.

If you are offline, messages sent to you are temporarily stored on our decentralized blind relays. These relays hold encrypted "blobs" of data they cannot read. Once you come online, the message is delivered and instantly deleted from the relay.

Yes. You do not have to sacrifice usability for security. Arpokrat Messenger supports voice messages, file sharing, stickers, replies, and group chats, just like the apps you are used to.

Yes. You can route all traffic through the Tor network by simply enabling the option in the settings. This masks your IP address from the relays and your internet provider.

Yes, you can secure the app with a separate PIN, adding a second layer of defense even if your phone is unlocked.

Yes, you can create a local encrypted backup of your conversations to transfer them to a new device. However, you are responsible for storing this backup securely.

No. The Wallet and Swap features are built directly into the Arpokrat Messenger application. You do not need to download or manage a separate app. You can chat and send funds in the same secure environment.

Yes. "Not your keys, not your coins." You possess the private keys (Seed Phrase) to your wallet. Arpokrat has absolutely no access to your funds and cannot freeze your account.

Currently, we support Monero (XMR) for privacy and USDT for stability. We plan to add more assets in future updates.

No. We only support cryptocurrencies. Integrating fiat currency would require partnerships with traditional banks and enforcing KYC (identity verification), which strictly violates our zero-data policy.

Yes, you can send crypto directly within the chat interface, as easily as sending a photo. Transfers are settled instantly on the blockchain.

Yes, the integrated Swap feature allows you to exchange XMR for USDT (and vice versa) instantly without leaving the application.

No. There are no KYC (Know Your Customer) checks, no ID scans, and no transaction limits. You have total financial sovereignty.

We charge a flat fee of 0.25% per swap and 0.25% per transfer to support the development of the ecosystem. These are among the lowest fees in the industry for non-custodial services.

Unlike centralized apps (WhatsApp/Signal/Telegram) where all data flows through one company's servers, Arpokrat uses a mesh of independent relays. These are secure "drop-off points" for messages. If one node goes down, the network routes around it. There is no central point of failure or control.

Mobile devices cannot always maintain a direct connection to each other (due to firewalls, NAT, or being offline). Relays act as blind intermediaries. They hold encrypted data packets temporarily until the recipient comes online to retrieve them, ensuring 100% delivery reliability without central storage.

The relays are 'blind' because they operate on a Zero-Knowledge basis. They receive a cryptographically locked box and drop it into a temporary anonymous queue. They do not have the keys to open the box, and critically, they do not know the identity of the sender nor the recipient. They simply route encrypted data packets without understanding the social graph.

Our nodes are strategically distributed in jurisdictions that prioritize data sovereignty: Switzerland, Iceland, Panama, South Africa, and Malaysia. Learn more about our locations on our Infrastructure Page.

We selected these countries for their strong legal frameworks regarding privacy, their political neutrality, and their independence from the "14 Eyes" intelligence alliances. This legal diversity prevents any single government from pressuring the entire network. Full details available at Infrastructure.

Yes. We use a high-grade setup:

• Read-Only OS: The operating system is immutable. Even if a hacker gained access, they could not install malware or backdoors.
• RAM-Only: The servers have no hard drives for storage. All data lives in the volatile memory (RAM). If the power is cut all data vanishes instantly.

No. We have disabled logging at the server daemon level. We do not record IP addresses, connection timestamps, or routing history. Since the architecture is RAM-only, there is physically nowhere to write these logs.

Yes. For enterprises or organizations requiring total sovereignty, we offer a bespoke service to deploy dedicated private relays. This allows you to keep all encrypted traffic within your own infrastructure. Please Contact Us for a quote.

We primarily accept cryptocurrencies (Bitcoin, Ethereum, Monero, USDT, USDC, POL) for speed and maximum privacy.

However, we also accept secure credit card payments (Visa/Mastercard). Card transactions are processed by a fully regulated Swiss PSP (Payment Service Provider) to ensure your financial data remains under strict Swiss legal protection.

Instantly. As soon as the transaction is confirmed, our system automatically generates your license key and grants you access to the WebFlasher. You can install the OS on your phone immediately after paying.

If you are new to crypto, we recommend using Mt Pelerin. It is a regulated Swiss intermediary that allows you to buy crypto via bank transfer with No KYC (no identity verification) for amounts up to CHF 1,000 (approx. €1,000) per day, or by card with minimal KYC. It aligns with our values of Swiss reliability and privacy.