Security
How we keep your final words private.
Specificity beats reassurance. Here's what actually protects what you write — line by line — from your draft to your recipient's inbox.
The shape of the trust
Your Privacy and Security Are Our Priority
One Final Message handles some of the most personal and meaningful content you'll ever create. We understand the profound trust you place in us when you write messages meant for your loved ones and designated contacts, and we take that responsibility seriously. From the moment you create an account to the day your message is delivered, every piece of your information is protected by enterprise-grade security measures designed to keep your most intimate words safe and private.
Identity
Protected by Industry-Leading Authentication
Your account is secured through Clerk, a trusted authentication platform used by thousands of companies worldwide. We require multi-factor authentication (MFA) for all accounts, meaning that even if someone obtained your password, they couldn't access your account without your second verification method. Every login attempt is monitored, and we automatically detect and block suspicious activity before it becomes a threat. Our administrative team operates under even stricter controls - requiring regular re-authentication and maintaining comprehensive audit logs of all actions.
Your content
Your Messages Are Yours Alone
We've built our platform with a fundamental principle: your messages belong to you, not us. All data is AES-256encrypted both when stored and when transmitted between your device and our servers. We employ strict access controls that ensure only you can read your messages - our own team cannot access the content of what you write. When your message is delivered to its recipient, they must verify their identity through a secure one-time code before viewing, ensuring your words reach only the person you intended.
The watchroom
Continuous Protection and Monitoring
Our security doesn't sleep. We employ real-time threat detection that identifies and blocks malicious activity, rate limiting that prevents automated attacks, and comprehensive logging that helps us investigate any potential incidents. All of our infrastructure runs on Cloudflare's global edge network, providing protection against distributed attacks and ensuring your data is handled by one of the most trusted names in internet security. We regularly review and update our security practices to stay ahead of evolving threats.
Compliance
Built for Trust and Compliance
We've designed One Final Message with privacy regulations in mind, implementing data retention policies, audit trails, and access controls that meet rigorous compliance standards. We never sell your data, and we collect only what's necessary to provide our service. Our commitment to your privacy isn't just a policy - it's the foundation of everything we build. When you trust us with your final words, you can rest assured they're protected by the same level of security used by financial institutions and healthcare providers.
We also publish a canary statement affirming that One Final Message has not been subject to secret government orders. View our Canary Statement