Here are descriptions of the main feature in EVSS

Enterprise Voice Security Suite

Secure Communications with E2E encryption

Voice calls – Text Messages (up to 1K characters) – Vocal Notes – Group Chat - Attachments (PDF, docs, audio, video, GPS Location)

Advanced call services (Conference Call, Conference Room, Call Transfer)

Conference Call or Three-way Call is a call involving at least three users. It differs from Conference Room by the fact that Conference Call is one Secure Call at which third parties got invited. So it's one sort of dynamic conference room. All users invited are thus added to conversation in progress by either caller or callee.

The Conference Room is the kind of call that more persons can partecipate. The conference calls are usually defined as "rooms", whose access can be limited by time settings or pass code. Conference Room administrator is able to send an invitation link by SMS/email to extend the conference to participants that can access the conference clicking on the received link. For each conference room, the administrator is able to see a full list of participants in the conference call, with the possibility of taking actions on them (mute - unmute - kick).

Call Transfer is performed when one of the call's participants holds on his/hers peer and performs a new call to the number to which trasfer the call. If the desired number picks up the call, then the transferrer can close the communication and let his/hers peer talk with the trasferred number.

Available optionally only for on-premise solution.

Integration with company PBX

It is possible to connect the PrivateWave server to the company IP-PBX through a SIP/TLS trunk and make calls from mobile to landlines and vice versa.

The following solutions are supported: Microsoft Teams, Skype for Business, Cisco CUCM, Avaya Comm. Manager.

Available optionally only for on-premise solution

SIP Proxy (Denial-Of-Service prevention)

A SIP proxy is integrated to guarantee protection on the protocol at session level.

SSL Certificate Pinning

In order to detect and block man-in-the-middle attacks, clients adds an extra step beyond the normal X.509 certificate validation. After obtaining the server's certificate in the standard TLS handshake, the client checks the public key in the server's certificate chain against a hash of public key for the server name.

Available optionally only for on-premise solution.

Mutual authentication with X.509 certificate

Clients can be authenticated by PrivateServer through X.509 certificates. The private key is securely stored on the device and can not be exported. PrivateServer can periodically acquire and manage the list of certificate revocation (CRL), safely and through secure protocol (HTTPS).

Available optionally only for on-premise solution.

Two-factor authentication for client activation (Email & SMS)

At the time of provisioning, client is authenticated by providing a secure link for activation in which a PIN, sent on another channel (e.g. email), must be specified.

Available optionally only for on-premise solution.

Multilevel security

Each call made by a PrivateWave client produces encrypted traffic based on the recipient of the secure call:

• if the call recipient is another PrivateWave client, the call is made using the ZRTP protocol for key exchange
• if the recipient of the call is not a PrivateWave client, the call is made using the SDES protocol

Available optionally only for on-premise solution.

On-line presence masking

Known contacts are now shown with a blue icon regardless of the on-line state.

Automatic expire of Secure Messages

PrivateServer administrator can configure an expire time out of read messages.

Available optionally only for on-premise solution.

Deleting messages remotely

You can remotely delete already sent messages.

Virtual Key anti key logger

It is possible to enable a private keyboard to avoid key logging applications.

Android platform only.

Centralized Address Book

As an alternative to the integration with the phonebook, you can configure on the server a centralized company directory with group management and not visible outside the the app.

Available optionally only for on-premise solution.

Adding New Contacts

User can add a new phone number to the phone address book directly from PrivateWave application.

SELinux Support

Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls (MAC). Follows NSA guideline to harden Linux servers

Apple and Google Push Notification Support

To preserve battery, recipients are reachable even if the application is closed.

GrandStream VoIP phone support

Support of Android based GrandStream GXV3275 IP phone.

Languages

Italian, English, French, German, Spanish, Portuguese, Turkish, Russian, Arabic