Last week, our competitor “Grindr” suffered a severe security issue that exposed sensitive information of all their users. This is not the first time “Grindr” is having this kind of problems, we all remember their incident early 2012. This time, the problem has been more serious. A third-party platform discovered a couple of flaws, exposing the information of a huge amount of users all around the world. The users’ locations were exposed and the users were not informed that this data is being sent. The issue was even bigger as users who had opted out of sharing data were also involved. That does not make “Grindr” a secure and trustful App.
The security and data protection is a feature that all social Apps have to take more seriously. Sharing public profiles and having a lucrative business selling this info cannot be accepted.
u2nite has been designed from the ground up with three concepts in mind: beauty, simplicity, and protecting privacy & security of our users. In order to protect privacy, many areas to focus on have been identified. u2nite is the most secure dating App. As opposed other social networks, u2nite does not operate a central database containing members´ data.
Every data transfer between the u2nite app on a user’s device and a u2nite service endpoint is endtoend encrypted using TLS 1.2 and better. We built a public key infrastructure (PKI) to authenticate users and authorize access to u2niteservices. As opposed to traditional username-password schemes, this offers a few benefits. Our users do not have weak or forgotten passwords. Our users are just not involved with authentication issues, things just work out of the box. u2nite does not ask email addresses or personal contact data so the users are free to use our services without exposing them. There are no credentials on the servers. With private keys being stored exclusively in a protected area of device storage, where only the u2nite app has access to, there is no easy way for attackers to compromise user authentication data.
This gives us a leading edge when it comes to protecting our users and our services from attackers.
Moreover, our users own their profile data, and they trust us to keep them protected. We achieve this by implementing several features. As long as u2nite does not store profile data on servers, user’s profile data is being stored exclusively on his device. The user is only visible when is present, it means that once the presence period comes to an end, the user’s profile is erased from all services and becomes non-existent to anything but the user’s device. Compared to most competitors who store private user data on the servers, u2nite drops every knowledge about users once their presence period ends. So even when breaking in our servers, attackers ever only see a minimal subset of profile data – data that does not contain leads to the person in the real world.
Most of our competitors advertise their ability to work with ‘precise location’ data. Needless to say, we do work with precise location data, too. But when it comes to the location of our users, we introduce a so-called blur factor. The blur factor algorithm puts a user’s location marker randomly within the bounds of the box before making it visible to other users of u2nite. The blur factor prevents our users to accidentally expose their location to attackers and malicious people. Again, our competitors put their users at risk of having uninvited people showing up. This is very critical particularly in countries where gay people are victims to persecution and torture.
Another feature to highlight is that we are offering a dating button which, once activated, connects two people interested in a meeting. In order for them to stay safe until they know who they are dealing with, we suggest public places as meeting spots, found automatically by the app by referring to public venue data. Such meeting spots can be cafes, museums, galleries, etc. This way, none of our users has to expose his precise location to others.
For these reasons, u2nite is easy and fun to use, u2nite is safe!