Features

Verified Boot

Locking the bootloader after installation enables the bootloader and kernel to enforce verified boot (AVB), which is a security feature designed to ensure the integrity of a device's software by verifying the authenticity of the boot image and critical system partitions during startup. Using cryptographic signatures, AVB prevents unauthorized or malicious modifications, and maintains a secure "chain of trust" from the firmware to the operating system. AVB enhances device security by ensuring only trusted software runs, safeguarding users from malware and exploits introduced through compromised system images. Renati implements strict security controls that detect if the bootloader has been unlocked and will initiate a self destruct sequence.

Asset Loss Prevention

Also known as a factory reset on inactivity enables the phone to self detruct in the event of loss, theft and to ensure that all data is destroyed upon expiration.

Customizable wipe function within 7, 14, 30, or 60 days of inactivity. If you have not unlocked your device within a set number of days, the system will trigger an automatic factory reset.

The device does not require to be online, as it's managed autonomously by the device itself.

Immune to SIM Swapping

Renati mitigates the risks of SIM swapping by eliminating reliance on the IMEI or SIM card for authentication. SIM swapping typically occurs when a hacker uses social engineering to trick a carrier into transferring a phone number to a new SIM, allowing access to sensitive information or accounts. By avoiding the use of SIM cards or IMEI numbers for verification, Renati strengthens user security against such attacks, reducing dependence on phone-based identifiers that can be easily compromised.

Automatic Restart

Enables the phone to automatically restart to clean up any remnants left over by the system and places the phone into a heightened security mode referred to as BFU (Before First Unlock). Customizable from 6 hours to 14 days. Please be aware you will not receive notifications until you successfully unlock the device.

Customization

Choose from a curated selection of wallpapers, ringtones (ChatMail how to if you want ChatMail calling to use the system ringtone) alarms and notifications.

Lockscreen

• Mandatory strong password requirements with a minimum length of 14 characters
• Optional fingerprint authentication with mandatory password challenge to a maximum of 12 hours
• Maximum 5 minute screen timeout
• Maximum 10 password attempts before the device self destructs

Automatic Tampering Protection

Renati incorporates advanced tampering detection mechanisms that continuously monitor and secure the device from potential threats. The system runs a series of automated security checks, looking for signs of unauthorized packages, cloaking apps, root access, and modifications to the device's binaries. It also detects changes in the device’s unlock status and verifies the integrity of SELinux settings. Additionally, Renati uses package fingerprinting to ensure that only trusted, verified apps are installed. If any suspicious activity or potential security breach is detected, the device assesses the severity of the threat and, depending on the level of risk, will automatically trigger a self-destruct sequence. This wipes all sensitive data to prevent unauthorized access or data theft, ensuring that even in the event of a security compromise, the user’s information remains protected.

Enhanced Biometric Authentication

Renati requires a mandatory strong password with a minimum length of 14 characters. To reduce password fatigue, you can enable fingerprint authentication. You can configure the maximum timeout to 12 hours before a password challenge is required.

Maximum Password Length

Password length has been increased to 32 characters for users that require even stronger security against brute-force attacks.

Private Keyboard

Many keyboards collect and analyze the content you type, defeating the purpose of encryption entirely. Renati features a custom keyboard that has recently undergone a significant upgrade, now offering offline spell check and text suggestions. The Renati keyboard is designed to prevent data extraction, with the spell check library stored locally on the device. This ensures no data is sent to our infrastructure for spelling suggestions, performance tracking, or typing history.

Clipboard / Copy & Paste

Copy and paste functionality comes with significant risks, especially when handling sensitive or confidential data. It is important to fully understand these dangers before enabling clipboard use. Numerous tools can monitor, and extract content copied to the clipboard. Additionally, any data copied to the clipboard is not encrypted, making it vulnerable to unauthorized access. We have gone to extreme lengths to ensure these tools cannot access your clipboard data. As a result, we offer the option to enable copy and paste through the security settings. This feature is disabled by default.

Removal of Location Services including Fused Location Services

To strengthen device security, we have eliminated location services and fused location features, as our platform does not include a maps application. By removing these functionalities, we prevent the exposure of location data, ensuring a more secure user experience.

Removal of Bluetooth

Bluetooth, while convenient, poses several significant security risks including unauthorized access, device tracking and man-in-the-middle attacks. Weak security protocols, automatic pairing vulnerabilities, and the potential for denial-of-service attacks further amplify these threats. Many government bodies prohibit Bluetooth-enabled devices in sensitive or restricted areas due to these dangers. To prevent tactical infections and enhance security, we have removed Bluetooth from the hardware abstraction layer (HAL), ensuring it cannot be exploited as an attack vector.

USB Data and signalling disabled

To protect against physical extraction and infection, we have disabled both USB Data and Signaling on the device. By disabling these features, we reduce the risk of infection and unauthorized data transfers that could occur through physical connections.

Emergency and Presidential Alerts Removed

Over the years, vulnerabilities have been discovered that allowed attackers to exploit these types of alerts to remotely infect devices. This feature has been removed to prevent remote infection capabilities.

No Google Services or Firebase Cloud Messaging (FCM)

Renati does not rely on Google Services or Firebase Cloud Messaging (FCM) for its functionality. As we develop all our products in-house, we have full control over the infrastructure and security. Instead of using external services, we utilize our own secure socket tunneling technology, ensuring that data transmission remains private, secure, and under our control without depending on third-party services.

Web Browsing Ability Removed

Web browsers account for the majority of zero-click and one-click kill chains. By removing web browsing capabilities, we greatly enhance the device's resiliency, preventing the delivery of malicious payloads.

Screen Capture and Screen Recording Disabled

Screen capture and screenshot functionality have been disabled at both the system and ADB level to protect sensitive information. This measure prevents unauthorized access to visual data, ensuring that no screenshots or screen recordings can be taken, whether through user actions or remote commands, thereby enhancing the device’s security.

GSM Calling, MMS and SMS Functionality Removed

GSM calling, MMS, and SMS functionality have been removed from Renati to enhance security. The device only supports data connections via Wi-Fi or SIM data, eliminating standard telephony features and protecting against potential zero-click baseband attacks.

Duress password

Renati features a duress password that can be entered directly into the lock screen. You will need to manually configure the duress password in your security settings. Duress passwords are crucial for ensuring security in high- risk situations where a user is being threatened or coerced into unlocking their device. Upon entry, the duress password instantly wipes the device, erasing all data and returning it to the activation setup screen. This feature allows users to protect their sensitive information and prevent unauthorized access or data theft, even under duress.