Are messages encrypted?

How Herpify encrypts your messages, what encryption protects against, and what it doesn't protect against.

The short answer: yes

All messages sent through Herpify are encrypted at rest: when a message is stored in our database, its content is encrypted with AES-256-GCM, an industry-standard authenticated cipher. Anyone who gets hold of the stored data without the encryption key, whether a database administrator, a backup operator or an attacker who breaks into the database, sees only unreadable ciphertext. Herpify's servers do hold the key, so Herpify itself can decrypt messages when there is a legitimate reason to; the sections below explain when that happens.

What "encrypted at rest" means

When you send a message, it travels to our server over HTTPS (encrypted in transit). The server encrypts the content with a secret key before writing it to the database. When you or the recipient opens the conversation, the server fetches the encrypted record, decrypts it with the key and returns the content to you over HTTPS. The plaintext exists only briefly in the server's memory while it is being processed; it is never written to disk or to the database in readable form.

Important note

This is "encryption at rest" (protecting stored data), not "end-to-end encryption" (where only you and the recipient hold the keys). Herpify holds the encryption key, so Herpify can decrypt messages when there is a legitimate reason to, for example in response to a valid court order or to investigate a report of serious misconduct.

What encryption protects you from

Message encryption protects your conversations from:

  • Database breaches — if someone gains unauthorised access to our database, they obtain only ciphertext; without the key, which is stored separately from the message data, the content cannot be read
  • Rogue employees or contractors — Herpify staff who have database access but no access to the key cannot read your messages
  • Third-party data processors — backup systems and data processors that hold copies of the database see only encrypted data
  • Opportunistic attacks — attackers cannot simply read messages from server logs, disk snapshots, or database dumps

What encryption does NOT protect you from

Encryption at rest does not protect your messages from:

  • Someone with your account credentials — if someone logs in as you, they can read your messages the same way you do
  • Compromise of the key itself — because Herpify's servers hold the key, anyone who obtains both the key and the stored data can decrypt messages; this is why the key is kept separate from the message data
  • Legal requests — Herpify can decrypt and provide messages in response to a valid court order, subpoena, or law enforcement request
  • Moderation review — if you or the other party reports a conversation, Herpify moderators can decrypt and review the relevant messages
  • Screenshots or off-platform sharing — if the other party takes screenshots or forwards your messages to someone else, encryption cannot prevent that

Important note

Think of encryption at rest like a locked filing cabinet. It protects your documents while the cabinet is closed, but Herpify keeps the key, so Herpify itself, or anyone who can act as you by logging in to your account, can still have it opened.

Why not end-to-end encryption?

End-to-end encryption (E2EE) — where only you and the recipient hold the keys — would make it impossible for Herpify to decrypt messages, even with a court order. While this sounds appealing, it creates problems for a marketplace platform:

  • Fraud and scam investigation — we couldn't help resolve payment disputes or investigate scam reports, because we couldn't see what was promised
  • Child safety and illegal activity — we couldn't comply with legal obligations to report certain content
  • Moderation — we couldn't act on harassment, threats, or Terms violations reported by users
  • Account recovery — if you lost your password or device, your message history would be unrecoverable unless you had kept your own backup of the keys

Important note

Marketplace platforms, Herpify included and others such as eBay, Etsy, and Depop, use encryption at rest rather than E2EE for these reasons. Messaging apps like Signal and WhatsApp can offer E2EE because they do not need to read message content to operate: they do not facilitate transactions with dispute resolution, and any moderation relies on what users choose to report.

Best practices for secure messaging

To keep your Herpify messages secure:

  • Use a strong, unique password for your Herpify account (consider a password manager)
  • Enable two-factor authentication on the email account you use for Herpify, if your provider supports it: anyone who controls that email can usually reset your password
  • Don't share payment details, card numbers, or bank account information in messages — use a secure payment method
  • Report suspicious conversations immediately (moderation can review them)
  • Don't log in to Herpify on shared or public computers unless you log out afterwards

Technical details

For those interested: Herpify encrypts each message individually with AES-256-GCM, an authenticated cipher that both conceals the content and detects any tampering with the stored ciphertext. Message keys are derived from a server-held master key using industry-standard key derivation functions, rotated regularly, and stored separately from the message data, so a copy of the database alone is not enough to decrypt anything. This follows OWASP and NIST guidance for protecting stored data.
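The flow described in "What encrypted at rest means" and the properties listed just above (per-message encryption, a server-held master key, key rotation, keys kept apart from the data) can be seen end to end in the following Go program. It is an added illustration written for this article, not Herpify's code: the HMAC-SHA256 key derivation, the key-ring structure, the conversation and message identifiers, the sample message and the decision to bind each ciphertext to its row with GCM's additional authenticated data are all assumptions made for the example, and a real deployment would fetch its master key from a secrets manager rather than generating one at start-up.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Envelope is what the database stores instead of the plaintext: key version
// (for rotation), per-message nonce, AES-256-GCM ciphertext with 16-byte tag.
type Envelope struct {
	KeyVersion uint32
	Nonce      []byte
	Ciphertext []byte
}

// KeyRing keeps message keys by version so rows written under an older key stay
// readable after rotation. The master key lives in a secrets store, not the DB.
type KeyRing struct {
	master  []byte
	current uint32
	keys    map[uint32][]byte
}

func NewKeyRing(master []byte) *KeyRing {
	r := &KeyRing{master: master, keys: map[uint32][]byte{}}
	r.Rotate()
	return r
}

// Rotate derives and activates a new key version, keeping old ones readable. Key =
// HMAC-SHA256(master, label||version||0x01), the first HKDF-Expand block, a stand-in KDF.
func (r *KeyRing) Rotate() uint32 {
	r.current++
	var v [4]byte
	binary.BigEndian.PutUint32(v[:], r.current)
	mac := hmac.New(sha256.New, r.master)
	mac.Write(append(append([]byte("message-key-v"), v[:]...), 0x01))
	r.keys[r.current] = mac.Sum(nil) // 32 bytes: an AES-256 key
	return r.current
}

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// aad binds a ciphertext to its row (an added design choice): an envelope copied
// into another conversation or message slot fails authentication on decrypt.
func aad(conversationID, messageID string) []byte {
	return []byte(conversationID + "\x00" + messageID)
}

func (r *KeyRing) Encrypt(conversationID, messageID string, plaintext []byte) (Envelope, error) {
	gcm, err := gcmFor(r.keys[r.current])
	if err != nil {
		return Envelope{}, err
	}
	// Fresh random 96-bit nonce per message: a repeat under one key breaks GCM.
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Envelope{}, err
	}
	ct := gcm.Seal(nil, nonce, plaintext, aad(conversationID, messageID))
	return Envelope{KeyVersion: r.current, Nonce: nonce, Ciphertext: ct}, nil
}

func (r *KeyRing) Decrypt(conversationID, messageID string, env Envelope) ([]byte, error) {
	key, ok := r.keys[env.KeyVersion]
	if !ok {
		return nil, fmt.Errorf("unknown key version %d", env.KeyVersion)
	}
	gcm, err := gcmFor(key)
	if err != nil || len(env.Nonce) != gcm.NonceSize() {
		return nil, fmt.Errorf("unusable key or malformed nonce")
	}
	// Open verifies the tag over ciphertext and AAD before releasing any plaintext.
	return gcm.Open(nil, env.Nonce, env.Ciphertext, aad(conversationID, messageID))
}

func main() {
	master := make([]byte, 32) // constructed demo key; a real one comes from a secrets store
	rand.Read(master)
	ring := NewKeyRing(master)
	env, _ := ring.Encrypt("conv-42", "msg-1", []byte("Is the gecko still available?"))
	fmt.Printf("database sees: v%d %x %x\n", env.KeyVersion, env.Nonce, env.Ciphertext)
	ring.Rotate() // old rows still decrypt under the version recorded in the row
	pt, err := ring.Decrypt("conv-42", "msg-1", env)
	fmt.Printf("server reads back: %q err=%v\n", pt, err)
}
```

Two design points are worth noting. Recording the key version in each stored row is what lets keys rotate without taking the service down: new messages use the new key immediately, and old rows can be re-encrypted in the background while remaining readable. Binding the conversation and message identifiers into the authenticated data means a database intruder cannot even shuffle ciphertext between conversations unnoticed; GCM rejects the row on read rather than handing back garbage or a misplaced message.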
