Security

Aurict Mobile is built on the principle that your data stays with you.

Account Authentication

Sign in with Firebase Auth (Google, GitHub); session tokens are exchanged with the Aurict backend. We never store third-party passwords.

Secure Token Storage

Session tokens are held in device secure storage (iOS Keychain / Android Keystore). Tokens are protected so they never leave your device unguarded.

Trusted Device Flow

Explicit trust decisions for remote sessions, managed from a trusted-device bottom sheet. Only sessions you approve can connect.

Local-First API Keys

Your provider keys stay on device (BYOK). Keys are not sent to our cloud — only to the provider you choose.

Encrypted Remote Channel

Desktop remote control runs over a direct peer-to-peer WebRTC channel. Traffic between desktop and phone is encrypted.

Security at Onboarding

The onboarding security screen explains Aurict Mobile's security model up front, so you know exactly what you share.

More:Privacy Policy · Terms of Service