Our Smartphones

Perfect device for your security needs. Customized for maximum privacy.

Octophone 4 Pro rearOctophone 4 Pro front

Octophone 4 Pro

€1.381
Octophone 4 rearOctophone 4 front

Octophone 4

€1.165
Octophone 4a rearOctophone 4a front

Octophone 4a

€1.107
Octophone 3 Pro rearOctophone 3 Pro front

Octophone 3 Pro

€1.257
Octophone 3 rearOctophone 3 front

Octophone 3

€1.036
Octophone 3a rearOctophone 3a front

Octophone 3a

€886

GrapheneOS.

The world's most secure mobile operating system.
Fully open source.

Open source allows checking for backdoors. Full control with hardware-based verification of your phone's software authenticity and integrity.

Unbreakable Security

Strong encryption and Titan M2 security chip protects your device and data against sophisticated physical attacks.

  • Verified boot ensures OS integrity
  • Hardware-based attestation

Complete Privacy

Automatic kill switch shuts down after configured inactivity. Duress PIN automatically deletes the entire phone and data.

  • PIN layout scrambling for public use
  • Integrated fingerprint sensor option

Discover GrapheneOS.

Explore the world's most secure mobile operating system and learn how it protects your privacy like never before.

Learn More
Free Worldwide Shipping
7-Year Software Support
Anonymous Payment Options

GrapheneOS Security & Privacy — FAQ

Answers to the most important questions about GrapheneOS privacy, security, and Octolock smartphones

Last updated: July 2026

GrapheneOS is an open-source, privacy and security focused mobile operating system built on the Android Open Source Project. Unlike stock Android, it ships without Google's proprietary tracking components, replacing them with a hardened runtime, verified boot chain, and aggressive exploit mitigations. Octolock installs GrapheneOS on new Google Pixel hardware because Pixel devices offer the Titan M2 security chip, full Android Verified Boot support, and A/B partition updates — giving customers the strongest foundation available for a private smartphone. GrapheneOS also supports a sandboxed Google Play environment for users who still need access to Play Store apps, without granting Google system-level access. The result is a device that is private by default, transparent by design, and trusted by security professionals worldwide.

Octolock smartphones run GrapheneOS, which applies deep OS-level security hardening that goes far beyond what stock Android or iOS offer. Verified boot — enforced by the Titan M2 security chip built into the Pixel hardware — ensures that neither the bootloader nor the operating system can be silently tampered with. Google services are either fully removed or isolated inside a sandboxed environment with no special OS privileges. A/B partition updates mean the device updates silently in the background and reboots into a verified state. Octolock handles the secure OS configuration and initial setup, so your device arrives ready to use with sensible privacy defaults already in place. The combination of hardened software and Google's Pixel security hardware makes these among the most secure consumer smartphones available today.

Yes. Octolock phones running GrapheneOS support most Android apps through multiple installation paths. F-Droid provides a catalogue of free and open-source apps. Aurora Store lets you download apps from the Google Play catalogue without a Google account. You can also sideload APK files directly for apps not available in any store. If you need apps that specifically require Google Play Services — such as banking apps or apps that check for SafetyNet or Play Integrity — GrapheneOS supports an optional sandboxed Google Play installation. This runs Google's services in a restricted environment with no special OS privileges. Most apps work without any issues. Banking apps with strict integrity checks may require the sandboxed Play option, and workarounds exist for common cases.

Octolock offers three payment methods designed with different privacy needs in mind. Credit card payments are processed securely via Stripe; Apple Pay and Google Pay are also supported through Stripe's checkout. Bitcoin payments are accepted for customers who want a higher degree of financial privacy, as on-chain transactions do not require personal identification when paired with a private delivery method. For complete anonymity, Octolock also accepts traditional cash sent via post — when combined with a pickup address, this method allows for an order that leaves no digital payment trail whatsoever. We do not use Revolut or other payment platforms that require identity verification. Choose the method that best fits your threat model.

Yes, Octolock ships to every country in the world with free shipping included on all orders. Devices are shipped from Cyprus, where LVP OCTO LTD is incorporated, typically within 1–2 business days of order confirmation. Delivery generally takes 5–10 business days depending on the destination. All packages are shipped discreetly: there are no Octolock logos or branding on the outer packaging, and the contents are not described in a way that reveals the nature of the shipment. This protects your privacy from the moment the order leaves our hands. Customs documentation complies with local regulations while keeping descriptions generic where legally permitted.

Every device purchased from Octolock comes with a 2-year hardware warranty covering manufacturing defects and hardware failures under normal use conditions. The warranty covers the underlying Google Pixel hardware — display, battery, cameras, and internal components. It does not cover physical damage, liquid damage, or issues caused by third-party modifications made after delivery. For support, Octolock provides 24/7 assistance via encrypted communication channels, detailed setup documentation covering GrapheneOS configuration, app recommendations, and security best practices. Our support team can also guide you through common issues such as app compatibility, sandboxed Play setup, and secure messenger configuration. Documentation is available on the Support page at octolock.co/support.

When your Octolock device arrives, begin with the setup guide available at octolock.co/support. The first step is reviewing your app permissions — GrapheneOS allows fine-grained control over network access, sensors, and storage on a per-app basis. We recommend installing at least one of the secure messaging apps covered on our Solution page: Signal for mainstream compatibility, SimpleX Chat for metadata-free communication, or Threema for accounts that need no phone number. Enable the duress PIN feature in GrapheneOS settings — this allows you to wipe the device quickly if it is ever seized or stolen. Keep GrapheneOS updated; the OS applies A/B updates automatically in the background and only requires a reboot to activate. Regularly review installed apps and revoke permissions that are not actively needed.

Octolock collects only the minimum data required to process and deliver your order. If you pay by credit card, we retain a transaction reference and shipping address for the legally required period. If you pay by Bitcoin or cash via post, we can fulfil your order with significantly less personally identifiable information — in the cash-via-post scenario, complete anonymity is achievable. We do not use advertising trackers or analytics platforms on our website. Order data is stored encrypted and access is restricted to personnel involved in order fulfilment. As a company incorporated in Cyprus, Octolock operates under EU GDPR, which gives you rights to access, correct, or request deletion of your data. We do not sell, share, or broker personal data to any third party for any purpose.

Octolock's security guarantee depends on an unbroken chain of custody from manufacturer to customer. New, sealed Google Pixel hardware arrives with factory firmware and an untouched Titan M2 security chip. This allows Octolock to flash GrapheneOS and configure Verified Boot with confidence that the hardware has not been tampered with at any point in the supply chain. A pre-owned device may have had its bootloader unlocked, custom firmware installed, or physical components replaced — any of which could introduce vulnerabilities that are invisible to software inspection. Our 2-year hardware warranty also requires a new device, as we cannot vouch for the condition or history of second-hand hardware. Selling only new, sealed units is not a commercial decision — it is a prerequisite for the security promise Octolock makes to every customer.