Security & Transparency

  1. Open-Standard Communication Architecture

Intraxis uses the Matrix open-source protocol for messaging and real-time communication.

  • Fully transparent and globally audited
  • Open-source codebase, reviewed by an international community
  • No proprietary or closed communication layers
  • Continually tested through independent security research

Intraxis does not modify or alter the communication protocol.
The platform only adds UI, management, and integration layers on top of the open Matrix core.

  1. End-to-End Encryption (E2EE)

Intraxis offers two security modes:

Default Mode (Server-Managed Encryption)

  • All traffic is protected in transit via HTTPS
  • Enables enterprise archiving, compliance, and administrative oversight
  • Equivalent to the security model used by Slack, Teams, and other enterprise platforms

Privacy Mode (Full End-to-End Encryption)

  • Messages are encrypted on the sender’s device
  • Decryption occurs only on recipient devices
  • Encryption keys are not stored or visible to the server
  • The server holds only unreadable encrypted data blocks

In E2EE mode, Intraxis does not store, access, or decrypt message keys.
All encrypted content on the server can only be decrypted by user devices.
This architecture mathematically guarantees that Intraxis cannot access user content.

  1. No Backdoors

Matrix cryptographic libraries (Olm / Megolm):

  • Are fully open-source
  • Have undergone extensive independent security audits
  • Comply with modern cryptographic standards

Intraxis’s closed-source components are limited to the UI, management, and integration layers.
The platform cannot intercept, modify, or decode encrypted content.

Intraxis contains no technical mechanisms that provide access to user communication.
The system operates under a strict zero-knowledge design.

  1. Data Usage & Processing Principles

Intraxis adheres to the following strict data policies:

  • No data selling
  • No advertising
  • No behavioral profiling
  • No content analysis
  • No unauthorized sharing with third parties

The business model is subscription-based only.
User data is not a product.

  1. Data Storage & Server Location

All data is stored in ISO 27001 / SOC2 certified, high-security data centers within the EU.
The infrastructure follows zero-trust principles and multi-layered protection.

  • Encrypted backups
  • Segmented network security
  • Redundant architecture
  • Compliant with GDPR and KVKK (with explicit user consent)

In E2EE mode, message content is never stored in a readable form.
Administrators may configure custom retention periods for non-E2EE rooms.

Even when stored, encrypted content cannot be decrypted by Intraxis under any circumstances.

  1. Key Management

In E2EE mode:

  • Keys are generated and stored exclusively on user devices
  • Private keys never leave the device
  • Encrypted messages on the server cannot be decrypted without the device keys
  • Backup keys can be encrypted with a user-defined passphrase

If keys are lost, past messages become permanently inaccessible.
Access control lies fully with the user.

  1. Abuse Prevention & Security Controls

Intraxis applies multiple protective layers against misuse:

  • Bot and spam detection
  • Rate limiting
  • IP-based security measures
  • Suspicious activity monitoring
  • Multi-factor authentication

In E2EE environments, only metadata and security logs are available for analysis due to content inaccessibility.

  1. User-Controlled Security

Intraxis gives organizations full control over their security posture:

  • Default mode for enterprise visibility and retention
  • E2EE mode for maximum privacy
  • Different rooms can use different security profiles
  • All keys and access policies are managed by the organization

Security decisions remain in the hands of the user; Intraxis provides the infrastructure.

  1. Transparency Commitment

Intraxis maintains full transparency across all security layers:

  • Open standard communication protocol
  • Auditable cryptography
  • No backdoors or proprietary extensions
  • Clear data transfer disclosures
  • Zero-knowledge architecture
  • Comprehensive security documentation

Intraxis is not a closed-source communication system.
The underlying communication engine is built on the fully auditable Matrix protocol.

Conclusion

Intraxis delivers secure, private, and compliant communication through:

  • Open standards
  • Verified cryptography
  • Zero-knowledge design
  • User-controlled encryption

Privacy belongs to the user.
Intraxis provides the infrastructure — not access to the content.

Back To Top