1:1 Messaging & Groups
Individual messaging and groups (channels, access policies). Multiple groups per user with simultaneous presence in various groups.
Innovation 2026 · Patented French-origin technology
End-to-End Encrypted
Private Communications
E2E encrypted private communication suite, works on all devices worldwide — nothing to install: computer, phone, tablet, smart TV, media. Ultra mobile.
Built on an autonomous self-hosted low-power relay server. Designed to start from a microcomputer and grow across your largest infrastructures — from Raspberry Pi 5 to enterprise server, NAS and VPS. Andorran R&D, sovereign architecture.
CryptPeer is already operational
Try CryptPeer now
Access the locally self-hosted version of the CryptPeer team. Operational version available online to test end-to-end encrypted private messaging.
Access to CryptPeer
URL:
https://test.cryptpeer.com/login
QR Code to test CryptPeer
Access the public test serverScan this QR code or open the test URL directly to instantly access the CryptPeer demo instance.
New test server: CryptPeer is now accessible worldwide via a dedicated server installed on a KUBB Mini Fanless by Bleu Jour (French manufacturer and partner of FullSecure, distributor of Freemindtronic solutions). Version 2.0 v1.2 — now works without relying on an external VPN.
View all updates and evolutionsSelf-hosted deployment and secure access
CryptPeer can be deployed on the organization’s self-hosted computer or server, then made accessible through a dedicated domain or subdomain pointed to its IP address via a DNS A record.
The domain is protected by Let’s Encrypt for direct HTTPS access, while a self-hosted TURN server enables full management of audio and video calls.
Since encryption is performed on the endpoints, the server only receives already encrypted data: this is the principle of the blind server, at the heart of CryptPeer’s sovereign architecture.
Innovation 2026
Andorran patented technology of French origin
Andorran R&D · Sovereign architecture · Zero intermediary · Zero delegation · Zero collection
Patented
Patented segmented key authentication system. French-origin technology developed in Andorra.
Sovereignty
Sovereign architecture: zero intermediary, zero delegation, zero collection. Compatible with French sovereign hardware (Kubb Mini, DataShielder).
EviEngine: License system based on the motherboard serial number (not on identity), without server or database. Enables operation in an offline local network.
NFC & PGP HSM compatibility
CryptPeer is compatible with PassCypher HSM PGP, NFC HSM, DataShielder HSM PGP and NFC HSM to over-encrypt data, messages and files upstream before sending from these hardware security modules (HSM).
Made in Europe
Designed and developed in Andorra, in Europe, based on French-origin patents. Sovereign technology, independent from tech giants. Compliant with international data protection standards.
Compatible servers
From Raspberry Pi 5 (minimum configuration) to Intel/AMD mini-PCs, desktop PCs, NAS and Linux VPS
Immediate deployment
Fully autonomous solution, integrates into any existing infrastructure, works in a closed local network
Remote access
Firewall/router configuration (NAT / reverse proxy) + domain name/subdomain for Let's Encrypt
Communication Features
Messaging, audio/video calls, file transfers — all E2E encrypted
Audio / Video Calls
Individual A/V calls and conferences in a private self-hosted environment. Remote access possible depending on network configuration.
Files & Memos
Large-capacity file transfers (E2E). Sovereign choice: download your files encrypted or decrypted according to your security level and storage medium. File signing. In the message window, choose to download images and videos encrypted or decrypted.
No-account third-party transfer
Secure encrypted sharing with external recipients without account creation: encrypted link, random password, recipient-side local decryption, configurable retention, and automatic destruction.
Front/Rear Camera Management
Full control of your phone’s front and rear cameras for video calls, photo capture and encrypted video recording. Freely switch between cameras during calls. All multimedia content is end-to-end encrypted before sending.
A/V Recordings
Audio/video recordings: captured locally then sent encrypted. Decryption space is left to the user’s free choice.
Multilingual Interface
18 offline languages (interface language). Display obfuscation with selective decryption (temporary view in RAM).
All Devices — Zero Installation
Works on all devices worldwide — nothing to install: computer, phone, tablet, smart TV, media. Ultra mobile. “App-like” UX: automatic display-side configuration, the feeling of an installed app without actual installation.
Server List Management v1.2
Create your favorite server list to quickly and freely switch between different CryptPeer instances. Change servers in one click: organization server, client server, remote instance. Maximum resilience and total flexibility.
Secure real-time translation
Instantly translate up to 50 languages inside CryptPeer, without using a third-party service. Text translation is available in a dedicated space and directly integrated into end-to-end encrypted messaging, enabling smooth, confidential multilingual exchanges without unnecessary data exposure.
Encrypted shared calendar
Plan and track your activities in a shared calendar integrated into CryptPeer. Visible from the homepage, it enables coordination between contacts and discussion groups while preserving the confidentiality of dates, appointments and activity rhythms in an end-to-end encrypted environment.
Secure availability poll
Organize a meeting by proposing several time slots to your contacts, then quickly identify the date that suits the greatest number. Once validated, the event can be added to the participants’ shared calendar without exposing availability to a third-party platform.
Targeted private channels
Create compartmentalized communication relationships between a central interlocutor and several contacts who cannot see one another. Ideal for events, business relationships, sensitive environments, management, or any situation requiring discretion, segmentation and fine-grained exchange control.
Encrypted collaborative notes
Write, edit and share documents in real time within a discussion group in CryptPeer. With simplified editing, image insertion and PDF export, this feature allows collaborative content creation in a confidential end-to-end encrypted space.
Sovereign collaboration without third parties
Messaging, translation, calendar, scheduling and shared documents remain integrated within the same secure environment. This approach reduces content exposure, limits exploitable metadata and avoids scattering exchanges across external services.
Cybersecurity & Data Protection Features
Sovereign operator-exclusive communication system with advanced protection and secure backup functions
Encrypted Backup 3.2.1
Redundant encrypted backup system: back up your data redundantly across multiple media (USB, SSD, cloud, NAS, external drive). Automatic timestamping prevents overwriting. Supports large files. Planned evolution: integrated malicious file analysis.
Ransomware Protection
Thanks to Encrypted Backup 3.2.1, each backup is timestamped and distributed across multiple media, including the cloud. So when ransomware attempts to over-encrypt everything, at least one copy remains intact. The user can then restore their data from this preserved medium, ensuring continuity despite the attack.
Infostealer Protection
Data encrypted with CryptPeer is unusable even if stolen by infostealers. End-to-end encryption prevents the extraction of sensitive data even if malware accesses the files.
Espionage Protection
CryptPeer offers complete protection against espionage, whether remote (cyberattacks, unauthorized access) or proximity-based (prying eyes, screenshots). Data remains unreadable without your key, even if the medium is compromised. To reinforce this confidentiality, a masked mode displays information directly in encrypted form by default, reducing any risk of accidental exposure.
Data Theft Protection
Without your user key, stolen data is unusable. Encryption is based on your unique user ID. Even in the event of physical theft of the storage medium, the data remains protected and unreadable.
CryptPeer Hidden
CryptPeer Masked creates a sovereign, isolated space for ultra‑sensitive exchanges. Messages remain invisible until deliberately decrypted, with automatic re‑encryption that thwarts shoulder‑surfing, screenshots, and spyware. This design minimizes exploitable metadata, weakens social engineering, and blocks opportunistic espionage. Users retain full control, choosing encrypted or decrypted files according to operational needs. The masked bubble strengthens mobility resilience and hardens trust chains against indirect attacks.
Conversation Thread Export & Import
With CryptPeer, your conversations never truly disappear. Three export and import modes give you total control: raw JSON code for technical use, discussion mode to retrieve your exchanges as they were, or full restoration with the ability to activate or deactivate certain contacts. Thus even a thread deleted voluntarily or by mistake can be brought back to life, restoring the continuity of your exchanges whenever you choose.
Architecture & Operation
From Raspberry Pi 5 to enterprise server — natural scalability
1
Autonomous Relay Server
Blind transit role (never sees plaintext), database & metadata encrypted upstream. Compatible with Raspberry Pi 5, mini-PC, NAS, Linux VPS.
Raspberry Pi 5 Power Consumption:
- Idle: 2.4 to 3.3 W
- Maximum load: 9 W
- Average usage: ~4 W
- Estimated annual cost: ~€8.10
Examples of minimum hardware configurations
CryptPeer has been successfully installed on various mini-computer configurations, demonstrating its versatility and self-portability:
KUBB Mini Fanless
French fanless mini-PC, ultra-compact and silent. Ideal for discreet and mobile deployments.
Raspberry Pi 5
Cost-effective microcomputer with minimal power consumption. Perfect for testing and lightweight deployments.
Solar Mini-PC
Total energy autonomy. Ideal solution for isolated terrain and outdoor operations.
These examples illustrate the variety of CryptPeer installation possibilities, even on mini-computers, highlighting its self-contained nature and deployment flexibility.
2
Multi-Device Clients
Computer, smartphone, tablet, TV/media — zero installation, immediate use. Offline multilingual interface (18 languages).
3
Access Modes
Local-only: closed network (private Wi-Fi AP), without SIM/Internet.
Remote: firewall/router configuration (NAT / reverse proxy) + domain name/subdomain for Let's Encrypt.
4
HSM for Master Passphrase
PassCypher NFC HSM (Android NFC) & PassCypher HSM PGP (PC) for a master passphrase > 256 bits. Secure storage of secrets.
Security & Encryption
Patented segmented key authentication system — security by design
User-Side E2E Encryption
The server never receives plaintext; it only relays. Database and metadata are encrypted upstream, with zero exploitable metadata.
Segmented Key (Patented)
One derived key per conversation/group. One ephemeral key per message: each message uses a unique key. Compromising one message reveals nothing about the others.
Data-in-Use (RAM)
Decryption only in volatile memory, without persistent plaintext. Brief and controlled display window. Immediate zeroization of buffers after reading.
Instant Obsolescence
The message key becomes invalid upon any interface/system event (tab change, window change, scroll, etc.).
Blind Relay
The relay server only processes encrypted data. Automatic purge of unrecovered files if the SSD/SD becomes saturated.
2FA TOTP (Two-Factor Authentication)
Two-step verification using a TOTP code. Compatible with all TOTP key management software, including PassCypher HSM PGP and PassCypher NFC HSM (SHA1, SHA256, SHA512). Enable it from the profile. Protects the account even if the password is compromised.
Regalian & Sensitive Uses
Designed for the most demanding security and sovereignty requirements
Diplomatic communications
Protection of sensitive exchanges between diplomatic missions, embassies and consulates. Guaranteed sovereign architecture.
Military operations
Secure communications for tactical operations. Local-only mode, network undetectability, maximum resilience.
Air-gap networks
Operation in an isolated closed network (air-gap). No Internet connection required. Compatible with French sovereign hardware.
Sensitive organizations
Protection of critical data for strategic companies, public institutions and sensitive research centers.
Pseudonymous anonymity
Anonymous communications under pseudonyms. No collection of exploitable metadata. Network undetectability.
Sovereign self-hosting
Total control of the infrastructure. Zero cloud dependency. Compatible with French sovereign hardware (Kubb Mini, DataShielder).
CryptPeer Defense
Autonomous service dedicated to regalian uses
In addition to Masked Mode, which encrypts display by default and allows selective decryption of a conversation before it automatically re-encrypts, CryptPeer integrates a third mode reserved for regalian uses: CryptPeer Defense.
This fully stealth version relies on segmented and ephemeral key encryption, operating in tunnel mode and in volatile memory end-to-end between endpoints and the relay server. It operates without logs, with RAM-only encryption and volatile key management, guaranteeing the total absence of exploitable metadata and persistent digital traces. This setup ensures an unparalleled level of confidentiality and resilience, designed for the most sensitive and strategic environments.
Autonomous service based on the same engine as CryptPeer, with its own engine and relay server optimized for regalian uses.
Why choose CryptPeer®?
The unique advantages that make CryptPeer® the reference solution
Encrypted Display by Default
With CryptPeer Hidden, messages remain encrypted even on screen until the user explicitly chooses to reveal one. This selective reading model reduces visual exposure, strengthens operational discretion, and helps limit risks related to nearby observation, screenshots, and screen analysis tools.
Zero Installation
Works on all devices worldwide — nothing to install. CryptPeer® is instantly accessible through a web browser, without requiring a mobile or desktop application.
Works Without Internet
Local-only mode: full operation in a closed network (air-gap), without Internet connection. Ideal for sensitive environments where network isolation is required.
100% Self-Hosted
Total control of your infrastructure. No dependency on third-party cloud or external provider. Deploy it on your own server, from Raspberry Pi 5 to enterprise server.
Autonomous third-party transfer
CryptPeer also covers the standalone MFT use case: transfer to external recipients without accounts, with random password, controlled retention lifecycle, automatic destruction, and blind server architecture.
Patented Technology
Patented segmented key authentication system. French-origin technology developed in Andorra. Innovation 2026 recognition.
French Sovereign Hardware
Compatible with Kubb Mini, DataShielder and other French sovereign hardware. 100% sovereign architecture, end to end.
Low Power Consumption
Runs on Raspberry Pi 5 with only 2.4 to 9 W power consumption. Estimated annual cost: ~€8.10. The most economical and eco-friendly solution on the market.
Network Undetectability
Thanks to local-only mode, compartmentalization and systematic encryption, CryptPeer® reduces the exposure surface and makes detection complex.
RAM-Only Decryption
Decryption only in volatile memory. No persistent plaintext. Instant key obsolescence. Maximum security against physical attacks.
Ultra Portable & Autonomous
Deploy CryptPeer on ultra-compact mini-computers (KUBB Mini, Raspberry Pi 5). A fully autonomous and portable solution, ideal for mobile deployments, isolated terrain or sensitive environments. Works in nomadic mode without complex infrastructure.
Added Value
Total autonomy, real confidentiality, security by design
Total Autonomy & Sovereignty
No third-party cloud, no VPN, no external service. Local-only possible. You control your infrastructure.
Secure access through a simple URL
Deployed on the organization’s infrastructure, CryptPeer is accessible through a domain or subdomain protected by Let’s Encrypt, pointed to the IP address of the self-hosted equipment. Access is provided directly over HTTPS, without relying on any third-party service.
Blind server
Encryption is performed on endpoints before any network transit. The server therefore only receives already encrypted data and never accesses plaintext content, in accordance with the blind server principle.
Universal multi-device usage
CryptPeer works through a web browser on nearly any connected device: computers, smartphones, tablets, connected media devices and compatible televisions. The user accesses an end-to-end encrypted communication space without heavy installation or external overlay.
Real Confidentiality
Client-side E2E, blind relay, database/metadata encrypted upstream, zero exploitable metadata. The server never sees plaintext.
Security by Design
Segmented key authentication (patented), ephemeral key per message, RAM-only decryption, instant key obsolescence.
Natural Scalability
Starts from a microcomputer and grows across your largest infrastructures (enterprise server, NAS, VPS) without changing model.
Simple & Granular Administration
Directory by categories (form → validation → restricted visibility), one-click revocation, controlled repudiation, Server Manager.
High Resilience
Server-hopping, local-only mode, multi-instances, difficult to detect/stop. Instant switch to another relay.
Partners
Our partners in France
AMG PRO
Official partner for the distribution and support of CryptPeer® in France.
Discover on AMG PROBleu Jour
Strategic partner for the development and promotion of sovereign solutions in France.
Discover Bleu JourContact us
A question? A project? Feel free to contact us
CryptPeer® powered by Freemindtronic
R&D and development
Address
Andorra
Phone / Fax
+33 9 72 21 26 20
(Voicemail and fax only)
Opening hours
Monday to Friday
8am - 1pm
2pm - 6pm
FullSecure
Distribution and commercial support
Address
Av. Coprincep de Gaulle, 13
Planta 1, Edifici Valira
AD700 Escaldes Engordany
Andorra
Information
For any commercial request,
technical support or information
about CryptPeer® solutions.
CryptPeer® sovereign system
Exchange securely within a private end-to-end encrypted bubble from your devices. Ideal for all kinds of relationships: companies, regalian entities, partners. Secure messaging and video calls included.
New here? Request registration:
Click on “Sign up here”FullSecure will activate your request and place you in the corresponding category for secure and collaborative exchange.
Alternative: Traditional contact form
Access the FullSecure contact formThe form will open in a new tab