The auditing company Cure53 performed an intensive security audit of OpenKeychain. It’s Free Software with no secrets anyone can examine and validate every bit of it (Source code available at GitHub) Independent Security Audit
Open Source: OpenKeychain is designed to be trustworthy. But its most frequent use is in using those keys to encrypt and decrypt messages. It also helps you find others’ keys online, and exchange keys. OpenKeychain stores and manages your keys, and those of the people you communicate with, on your Android smartphone. Modern encryption is based on digital “keys”. For a list of compatible software for Windows, Mac OS, and other operating systems consult /software/. OpenKeychain is based on the well established OpenPGP standard making encryption compatible across your devices and systems. It uses encryption to ensure that your messages can be read only by the people you send them to, others can send you messages that only you can read, and these messages can be digitally signed so the people getting them are sure who sent them. OpenKeychain helps you communicate more privately and securely.
