Application Security

Zero-knowledge encryption protects your identity data. We can't see your passwords, personal information, or recovery phrase. Even if we wanted to.

Security by Design

How we protect your data

We Can't See Your Data

Zero-knowledge encryption means your data is encrypted on your device before it reaches our servers. We never have access to your encryption keys.

Anti-Phishing Protection

Your unique security identity proves you're on the real WIGGWIGG site. Phishing sites cannot fake this without access to our servers.

Enterprise-Grade Encryption

AES-256 encryption protects your data using the same standards trusted by banks and governments worldwide.

Canadian Company, Protected Data

Canadian company subject to Canadian privacy laws (PIPEDA). Zero-knowledge encryption ensures your sensitive data is protected regardless of server location.

Your Data, Your Control

WIGGWIGG uses zero-knowledge architecture, meaning your identity data (names, addresses, passwords, notes) is encrypted on your device before upload.

We cannot see your passwords, personal information, or recovery phrase. Even our engineers cannot decrypt your data. Not even with legal requests.

Client-side encryption

No server access to keys

You control your data

No password resets

Deep Dive

Application Security Documentation

Learn how we protect your identity data with zero-knowledge encryption

Zero-Knowledge Encryption

We can't see your data, even if we wanted to

  • AES-256 encryption

  • Client-side encryption

  • No key access

  • End-to-end encrypted

Learn more about application security

Anti-Phishing Protection

Built-in protection against phishing attacks

  • Security identity

  • Visual verification

  • Unique avatar

  • Audio signature

Learn more about application security

Recovery Phrase

Your only way to recover access if you lose your password

  • Your only backup

  • 24-word security

  • Offline storage

  • No password reset

Learn more about application security
How It Works

Multiple Layers of Protection

Every piece of your identity data is protected by multiple security layers working together

Learn more about how we protect your communications: Communications Security

Common Questions About Application Security

What is zero-knowledge encryption?
Zero-knowledge encryption means your data is encrypted on your device before it reaches our servers. We never have access to your encryption keys, so even our engineers cannot decrypt your identity information, passwords, or personal data. Only you can unlock your data with your password.

What happens if I forget my password?
If you forget your password, you can restore access using your 24-word recovery phrase. This is why we strongly recommend saving your recovery phrase in a secure location when you first create your account. Without your password or recovery phrase, we cannot recover your account. This is by design to protect your privacy.

How does anti-phishing protection work?
Before you enter your full password, we show you a unique security identity (phrase and avatar) that only the real WIGGWIGG can display. Phishing sites cannot fake this without access to our servers. If you don't see your security identity, don't enter your password. You're likely on a fake site.

Can WIGGWIGG employees see my data?
No. Your identity data (names, addresses, passwords, notes) is encrypted on your device before upload. Even if our engineers wanted to, they cannot decrypt your information. We use zero-knowledge architecture specifically so we cannot access your data. Not even with legal requests.

What's the difference between application security and communications security?
Application security covers your identity data (names, passwords, personal details), all protected with zero-knowledge encryption. Communications security covers phone calls and SMS/MMS messages, which are subject to legal requirements for safety checks. Your identity data remains fully encrypted; only communications are scanned in real-time as required by law.

How do I know my data is actually encrypted?
Our encryption happens in your browser using industry-standard Web Crypto APIs. You can verify this by inspecting the network traffic, all data sent to our servers is encrypted ciphertext. We also use AES-256-GCM encryption with client-side key derivation, which are industry-standard encryption protocols used by banks and governments.

What if WIGGWIGG gets hacked?
Even if someone breaches our servers, your data remains protected. All they would find is encrypted ciphertext that cannot be decrypted without your password. We never store your password or encryption keys on our servers. They only exist on your device. This is the core principle of zero-knowledge architecture.

Can I export my data?
Yes. You have full control over your data. You can export your identities, passwords, and personal information at any time from your account settings. The exported data is encrypted and can only be decrypted with your password, ensuring your data remains secure even during export.

Ready for Zero-Knowledge Security?

Get started with WIGGWIGG today and experience true data privacy