Identity Keys Explained

Every user in Forsta has a unique Identity Key pair. The private portion of this key pair is known only to the owner and lives on their devices (it is never seen by Forsta or any other entity). The public portion of the key pair is stored on Forsta servers and is used for securely identifying and encrypting messages for a user.

When initiating a new device, the identity key must be transferred from an existing device. Because the private identity key can never be known to Forsta this requires that an existing device is online to authorize the transfer.

If you must generate a new identity key, it will raise an alarm for any users you previously communicated with indicating to them that your identity has changed. This is an important security measure for both parties to ensure that any hacking attempts do not go unnoticed.

For example if a hacker gains access to your account (but not your devices), they may attempt to replace your existing identity key with a new one and then engage in nefarious communication with your contacts. The alarm and trusted contact feature will prevent this exploit from going unnoticed.


Please sign in to leave a comment.