


| FEATURE | ECALL | TYPICAL APPS |
|---|---|---|
| Call encryption | Always end-to-end encrypted AES-256-GCM · blocks insecure connections | Not always encrypted Stored in plaintext |
| Key storage | Keys never leave your device Secure Enclave | Stored in software May be backed up to cloud |
| Forward secrecy | Every call has its own key ECDH · past sessions stay secure | Same key reused Past sessions may be exposed |
| Network trust | Blocks fake servers SSL pinning · MITM protection | Standard HTTPS Relies on default certificate trust |
| Provider access | Not even Ecall can access your calls Zero-knowledge | Full data visibility Metadata and activity accessible |
| Code transparency | Transparent by design Open client · verifiable | Closed black box Cannot be independently verified |