A friend of mine — a PM who's spent years in enterprise software — looked at Amicai and asked the question I'd ask too: "What happens to my messages once they leave my Mac?"
April 2026 update: Amicai now also ships on Android via getamicai.com/android. This post is still accurate about the Apple/iMessage sync path; Android uses the same private Amicai account with a signed APK distribution path instead of a Mac setup flow.
He didn't ask it casually. He said something that stuck with me: "My messages are probably the most personal subset of data that I have, and in part because I can't even remember what's there." He's right. Your iMessage history isn't like your email or your work Slack. It's midnight confessions. It's the text your friend sent about their diagnosis. It's the raw, unfiltered version of your life that even you don't fully remember.
So let me be specific about what we do, what we don't do, and why.
What's actually protecting your data
Amicai uses a layered security model. Not because "layered" sounds good in a blog post, but because different threats require different defenses.
In transit: Every byte of data moving between your Mac and our cloud infrastructure is encrypted with TLS 1.3 — the same protocol your bank uses. No one sitting between your device and our servers can read what's being transmitted. This isn't optional. It's the baseline.
At rest: Once your data lands in our encrypted databases, it's encrypted using managed encryption keys. Your messages, your contact data, your reflections — all of it is encrypted on disk. If someone physically stole a hard drive from a data center, they'd get gibberish.
Credential scoping: When your Mac syncs with our cloud, it uses temporary credentials that expire every hour and are mathematically restricted to your data only. Your sync session literally cannot touch another user's records. This isn't a software rule that could be bypassed — it's enforced at the infrastructure level.
Sensitive PII gets extra treatment: Phone numbers — the most identifiable data we handle — receive dedicated application-level encryption using AES-256-GCM envelope encryption. They're encrypted with individually generated keys, stored separately from the rest of your data, and hashed for lookups so the raw numbers are never exposed during normal operations. We wrote a whole post about this: Your Phone Numbers Are Safe. Here's Exactly How.
What we don't do (and why)
We don't offer full end-to-end encryption for your message content. In an E2E model, data is encrypted on your device with keys only you hold, and the server processes it without ever seeing the plaintext.
Here's the honest reason we can't do that: Amicai needs to read your messages to generate your daily reflections, your relationship insights, and your journal prompts. That's the product. An AI that analyzes your communication patterns to surface things you'd otherwise miss — your friend's job interview next week, the fact that you haven't talked to your college roommate in 47 days — requires server-side access to the content.
If we encrypted everything with keys only your device held, we'd need to decrypt on your device, run the AI locally, and re-encrypt the results. That's not currently practical for the kind of analysis we do. When it becomes practical, we'll revisit it. But I'd rather be honest about the trade-off than slap "end-to-end encrypted" on the marketing page and have it mean something different from what you think it means.
The Apple comparison nobody wants to make
Apple offers Advanced Data Protection — full E2E encryption for iCloud backups, photos, notes, and 23 other data categories. It's the gold standard. If you've enabled it, your iCloud data is encrypted with keys that only your devices hold. Apple themselves can't read it.
Here's the problem: almost nobody turns it on.
ADP is opt-in. It requires you to set up a recovery key or designate a recovery contact. It's buried in Settings > Apple ID > iCloud > Advanced Data Protection. Most people don't know it exists. Most people who know it exists haven't enabled it because the recovery key requirement feels risky — what if I lose it and get locked out of my own photos?
Apple built the most robust consumer encryption system in history, and the vast majority of their 2 billion users are running without it. Their iCloud backups — which contain your iMessage history, by the way — sit on Apple's servers encrypted with keys Apple holds. Meaning Apple can read them. Meaning a government subpoena can access them.
In fact, when the UK government demanded Apple build a backdoor into ADP in 2025, Apple's response wasn't to comply — they simply removed ADP from the UK entirely. If you're a UK user, you can't even opt in anymore. The best encryption in the world, and an entire country lost access to it overnight because of a political decision.
This isn't a knock on Apple. They made the right call refusing to build a backdoor. But it illustrates something important: the security that matters isn't the security that's theoretically available. It's the security that's actually active on your account right now.
What this means for you
Your Amicai data is protected by encryption in transit, encryption at rest, scoped temporary credentials, and dedicated envelope encryption for your most sensitive identifiers. Our AI provider is contractually prohibited from training on API data — your messages are processed and discarded, never used to improve their models.
What it's not is end-to-end encrypted in the way a cryptographer would define it. We have server-side access to your message content because that's how we generate the insights that make the product useful.
If that trade-off doesn't work for you, I respect that. Your iMessage history is deeply personal — probably more personal than any other digital data you have. "Like most consumers, I'll trade privacy for value" is how one early user put it, and that's an honest framing. Some people will look at what Amicai surfaces — the patterns you didn't see, the friend you were about to lose touch with — and decide the value justifies the access. Others won't. Both are reasonable positions.
The real question to ask any AI app
When you're evaluating whether to trust an AI product with your data, don't ask "is it encrypted?" Everything is encrypted — that word has been marketed into meaninglessness. Ask these instead:
"Encrypted how, and who holds the keys?" If the company holds the keys, they can access your data. That's not E2E, no matter what the marketing says.
"What's the minimum data you need to deliver the product?" Amicai needs message content to generate insights. We don't need your photos, your location, or your browsing history. We take what we need and nothing more.
"What happens to my data after processing?" Our AI provider processes your messages and discards them. No training. No retention. Contractually enforced.
"Can I exclude specific conversations?" Yes. Amicai lets you mark contacts as sensitive, which removes them from all processing entirely. Not anonymized. Not summarized. Gone.
The security model that protects you isn't the one with the best marketing. It's the one that's honest about what it does, transparent about its limitations, and actually turned on.