SafeMeet Security & Encryption Overview

SafeMeet is a privacy-first communication platform designed with security as the default.

Every message, file, call, and meeting on SafeMeet is protected by end-to-end encryption (E2EE) and cannot be read, heard, or accessed by SafeMeet servers or operators.

SafeMeet is built for environments where confidentiality, integrity, and trust are essential.

1. End-to-End Encryption by Default

SafeMeet enforces E2EE by default across all communication types:

• Messaging & file sharing: End-to-end encrypted using the Matrix cryptographic protocol (Olm / Megolm)
• Calls & meetings: Audio and video streams are encrypted end-to-end using frame-by-frame media encryption. SafeMeet servers function solely as encrypted data relays and do not have access to plaintext audio, video, messages, or shared files.

2. Messaging Security: Matrix Protocol (Olm / Megolm)

SafeMeet uses the Matrix protocol for secure messaging and file transfer.

Key properties

• True end-to-end encryption
• Device-based identity and verification
• Forward secrecy
• Post-compromise security (for 1-to-1 messaging)
• Open, publicly reviewed cryptography

The Matrix encryption design is cryptographically comparable to the Signal protocol and follows the same modern security principles used by leading secure messengers.

Olm is an implementation of a Double Ratchet–based protocol, similar in design to the Signal protocol. Megolm extends Olm to efficiently support large group chats government-level and nationwide scalability by using a sender-based shared-key model, conceptually similar to Signal’s Sender Keys approach.

Industry trust

Matrix-based encryption is trusted and used in:

Government and defense environments

Matrix-based encryption has been adopted in government and defense-related environments where secure, auditable communication is required.

Examples include:

• French Government – Uses Tchap, a secure messaging platform built on Matrix, for official government communications.
• German Federal Government – Supports Matrix-based secure messaging initiatives for internal and inter-agency communication.
• NATO – Matrix has been evaluated and referenced in secure collaboration and federated communication research within NATO-affiliated contexts.

Armed forces and public sector deployments in Europe

Matrix is one of the few open protocols that has seen actual deployment within European armed forces and public-sector institutions.

Examples include:

• Bundeswehr – Uses BwMessenger, a secure messaging system built on Matrix, for military personnel.
• French Ministry of the Interior – Deploys Matrix-based secure communications for public-sector and internal use.
• European Public Sector Bodies – Multiple EU institutions and agencies have adopted Matrix for sovereign and interoperable communications.

Healthcare and regulated industries

Matrix encryption is used in healthcare and regulated environments where data protection, auditability, and compliance are essential.

Examples include:

• National Health Service (UK) – Matrix-based platforms (such as Element) have been adopted in clinical, operational, and administrative contexts.
• European Hospitals and Research Institutions – Use Matrix for secure collaboration where GDPR compliance is required.
• Healthcare IT Providers – Integrate Matrix for secure messaging due to its open, inspectable encryption model.

Organizations requiring open, auditable security standards

Matrix is especially trusted by organizations that cannot rely on closed or proprietary encryption systems.

Examples include:

• Public Sector IT Organizations – Prefer Matrix due to its open standards and public cryptographic review.
• Research Institutions – Use Matrix for transparent, peer-reviewed security.
• Privacy-Focused Enterprises – Adopt Matrix to avoid vendor lock-in and opaque encryption.
• Open-Source Communities – Trust Matrix because its cryptography and implementations are fully auditable.

Unlike proprietary systems, Matrix cryptography is open source and publicly analyzed, reducing the risk of hidden backdoors.

Academic references

SafeMeet’s messaging encryption is based on protocols analyzed in peer-reviewed research, including:

• Matrix Cryptography

https://www.net.in.tum.de/fileadmin/TUM/NET/NET-2019-10-1/NET-2019-10-1_05.pdf

• Device-Oriented Group Messaging: A Formal Cryptographic Analysis of Matrix’ Core

https://eprint.iacr.org/2023/1300.pdf

3. Call & Meeting Security: Frame-Level E2EE

SafeMeet secures calls and meetings using End-to-End Encryption, implemented with modern WebRTC technology.

How it works

• Audio and video are encrypted on the sender’s device
• Media is encrypted frame by frame
• Decryption occurs only on participant devices
• SafeMeet servers cannot decrypt, record, or monitor calls

This design prevents:

• Server-side recording
• Insider access
• Cloud provider interception
• Network-level surveillance

Even if network traffic is intercepted, the encrypted media cannot be reconstructed or listened to.

4. What SafeMeet Can and Cannot See

SafeMeet servers cannot decrypt or access:

• Message content
• Files and attachments
• Audio, video, or screen-sharing streams
• Meeting conversations
• End-to-end encryption keys

What SafeMeet Does Access:

To operate a real-time communication service, SafeMeet servers necessarily process limited technical and routing information, including:

• User and device identifiers
• Room or meeting identifiers
• Encrypted message and media payloads
• Timestamps and delivery metadata
• Minimal technical metadata required for delivery
• Network information required to establish connections (e.g., IP addresses)

This information is used solely to deliver messages and calls. SafeMeet servers cannot use it to reconstruct message content or media.

Summary

SafeMeet combines:

• Matrix-based end-to-end encryption (Olm / Megolm) for messaging and file sharing
• Frame-level end-to-end encryption for calls and meetings
• Open, peer-reviewed cryptographic standards

SafeMeet uses device-generated, client-side end-to-end encryption for messaging, following the same architectural model used by modern secure messaging platforms such as Signal. For meetings and calls, SafeMeet enforces end-to-end encryption by default at the frame-level, whereas many mainstream collaboration platforms offer end-to-end encryption only in optional or limited configurations.

SafeMeet provides verifiable end-to-end encryption by default, ensuring that communication content remains accessible only to intended participants. We do not sell, share, or disclose user communication content to external platforms, advertisers, or third-party vendors.

SafeMeet is built for individuals and organizations that require strong privacy guarantees, architectural transparency, and clear security boundaries.

• sm-web-infrastructure-certificate.pdf
• sm-mobile-certificate.pdf

Source Code