Cross-signed device verification for secure communication.
What is cross-signed device verification?
Element uses cross-signed device verification to help ensure the identity of conversation participants and their devices, with minimal manual effort.
What are the benefits of cross-signed device verification?
Device verification guards against imposters and other bad actors attempting ‘man-in-the-middle’ style attacks.
Element lets you keep track of every device that has joined an encrypted conversation. If a new and unexpected device joins, you can use device verification to check that it's the right person. If you suspect that a trusted device has fallen into the wrong hands, you can revoke that trust and remove its access to the ongoing encrypted conversation.
How does cross-signed device verification work?
A user can access their Element account through multiple devices.
Cross-signed device verification is a smart way for the user to verify all the devices they have linked to their Element account. Having done that, the process of verifying with others is far easier.
When one user verifies another, that trust is extended across all the devices the users have linked to their respective Element accounts (saving the hassle of having to verify a contact's multiple devices).
Whether self-verifying, or verifying others' devices, the actual authentication process is wonderfully straight-forward. Users simply compare on-screen emojis, or scan a QR code.