In crypto, security isn't optional - it's everything. Ecency Mobile is built with a security-first architecture that keeps your private keys safe while making transactions seamless.
Key Management
Ecency supports multiple authentication methods:
Private Key Login - import your posting or active key directly. Keys are AES-encrypted and stored locally on your device. They never leave your phone and are never sent to any server.
HiveSigner - OAuth2-based authentication. Your keys stay with the HiveSigner service, and Ecency receives only an access token. Great for users who prefer not to enter keys directly.
HiveAuth/Keychain - keychain-based authentication. Sign transactions using the HiveAuth companion app via QR code. Your keys never touch Ecency at all.
PIN Code Protection
Every sensitive operation requires PIN verification:
Set a custom PIN during account setup
Biometric authentication (fingerprint or Face ID) available as an alternative
PIN is cached briefly for convenience.
Smart Authority Handling
Hive has different key levels (posting, active, owner, memo), and different operations require different keys. Ecency handles this intelligently:
Posting key operations (voting, commenting) proceed silently
Active key operations (transfers, staking) trigger an Auth Upgrade Sheet if you only logged in with a posting key - you enter your active key once, and signing happens instantly
The app never asks for more authority than needed
Hot Signing - hive:// and ecency:// URI Protocol
This is a powerful feature for interoperability. Ecency can handle Hive URI protocol links:
hive://sign/...- standard Hive URI transactionsecency://sign/...- Ecency's equivalent, automatically normalized to the Hive URI format
When you click a hive:// link from any app, website, or QR code, Ecency:
Parses the operation (transfer, delegation, custom_json, etc.)
Validates the transaction - checks operation format, amount formatting, and authority requirements
Shows you exactly what you're signing before confirmation
Signs and broadcasts using your stored key, HiveSigner, or HiveAuth - whichever you set up
Calls back to the requesting app with the transaction result (supports callback URLs and request_id correlation)
This means third-party dApps, games, and services can request transactions through Ecency without ever touching your keys. You review, you approve, Ecency signs.
Explore Dapps
Exploring other Hive dapps never been easy, you can navigate to any Hive based dapp or website from Ecency app and login, sign transactions while keeping your keys secure on Ecency. You like playing games Splinterlands or others, no problem go to Explore, type in url or open web dapp from bookmarks and login selecting Keychain or Keeper or Vault extensions, Ecency app will auto detect and log you in to dapp. Any hive dapp integrated either of these browser extension logins for desktop browsers automatically get benefit and open their doors to Ecency mobile app users as well.
Additional Deep Links
Beyond transaction signing, Ecency handles:
ecency://transfer- pre-filled transfer requests (HIVE, HBD, or Points) from external apps, with callback supportecency://login- securely share your posting key with trusted third-party apps (with explicit user confirmation)ecency://auth- passwordless authentication with access tokens
Bad Actor Protection
Before executing any transfer, Ecency checks the recipient against a maintained list of known scam accounts and warns you before sending funds to a flagged address.
Ecency never compromises: maximum security with keys that stay on your device, smart authority handling that only asks for what's needed, and URI-based hot signing that lets you interact with the entire Hive ecosystem from one app.
Ecency mobile is so user friendly.I love it so much.The performance is awesome 👍.
Thank you so much ❤️🌹
You are welcome.
Great update! The security features on the mobile app are really impressive. Specially loved the smart authority handling. Keep up the good work.❤️🌹🌹
I hope you don't see this as negativity, I am just ranting after reading the generic, almost off topic, comments made when you talk about key management and callbacks and tech stuff (that do interest me). Also how difficult it was for me to onboard someone despite all the key management refinement over the years (or because of it?)
That (your crypto your keys) is precisely the problem that made it so hard to onboard someone at Hive Open Days alicante. They create the account and was bouncing between Keychain and Ecency trying to log in, knew crypto and what keys are and were surrounded by seasoned Hive users. Even then t was confusing and at no point whether the user cared or not about managing their own keys was important because they did not have a choice, it is their keys and they had to learn then and there what owner, active, posting keys are etc... Too much info to dump at someone we are trying to onboard spontaneously.
Maybe managing someone else's keys for them isn't the blockchain sin people think it is if it allows for a simple registration/password. The people who care about keys are a minority.
Looking critically at your post, it is attractive to me because I care about my keys and I am technically capable of understanding, but look at the comments that will be made here, and that are made in general on your tech updates, the audience of Ecency is not technically sofisticated, or at least if they are it they do not comment as if they were. They will make generic comments about how Ecency is "easy to use" and "beautiful" and how they "love ecency" because they lack the depth to understand (or comment as if they lack this the depth to understand) what you mean when by URI, protocols, authority handling, signing, HiveAuth, HiveSigner, Keychain, callbacks, etc.
If the actual Ecency audience cannot deeply understand a post about Ecency security, then a random new user has no chance. We need the secure crypto-native path, but we also need a dead-simple normal-user path.
Ecency has a feature that makes it better than PeakD even for me who care about my keys, I can import my key and not be bothered by the keychain signature, that is a HUGE step. The next steps would be dropping the dogmas that brought us to 5 cents, some users don't want to manage their keys, they want to login with a username and password.
On same side, points about ease of onboarding and less mention of complications of key management is part of our strategy. You can see on our onboarding, you signup get your password and login with it. We simplify all steps and don’t mention too much about different key levels etc. these posts sometimes reminder to power and existing users as well as used as off page marketing later we import to medium and other social networks.
As for onboarding struggle you experience, I suspect giving new people too many dapps can also be confusing same way many keys does. If you signup with Ecency, you get email, it has 1 click login, it logs you into website as well as app depending where you open that link. That’s it, there is no confusion. So each app offering their own onboarding is crucial, from there you can improve and iterate best onboarding experience, higher chance of retaining new people. Adding hivesigner, keychain, hiveauth and other login methods also creates friction and experience on those services you cannot improve directly. Ultimately we have to keep everything in balance, self custody and security is important we cannot compromise on that though…
Noted, next onboard I will try to make by the Ecency app alone, this way I can gauge what a new user tries to do and how much they can figure out by themselves. Maybe throwing keychain in the mix was our mistake at the event.
Do let us know your findings, we can learn and improve if there are any gaps or issues during that process 👍
If you are doing event where new people will be joining lets us know we can create event specific referrals so it won’t have strict checks like we do right now, more smoother experience.
Not any event in sight right now, but good to know. What kind of strict checks though?
I think there is value in seeing how people are onboarded on normal "strict" flows, it is an opportunity to see how they handle things and learn from the "non-smooth" experience
Strictness I was referring to, relates to events where many people might be sharing same IP (WiFi) and since we have 1 signup per IP, it might cause issues.
That makes sense! I will let you know.
👍👍
Even with Ecency security, people can still make mistakes like clicking fake links or losing their phone. Technology is strong but the user attention is always going to be very necessary if anyone wants near 100 percent safety
nice work as always Ecency!
Posted via First Context