Cape

What is it?

Cape is a US-based mobile virtual network operator (MVNO) built around privacy and security. It runs on over 12 regional and national carrier networks for coverage, but operates its own core network infrastructure designed from scratch with a minimum-trust model. The service costs $99/month, requires no ID verification or personal information to sign up (eSIM only), and includes unlimited calls/texts, 50GB high-speed data, 5GB international roaming in 50+ countries, and a bundled Proton Unlimited or Proton VPN Plus subscription.

There are two sides to Cape. For individual subscribers, it is a carrier that minimizes data collection and hardens the network against signaling attacks and surveillance. For enterprises, Cape can pipe network-level telemetry (signaling data, cellular connections, traffic leaking outside VPN tunnels) into corporate SIEM or SASE platforms, giving security teams visibility into mobile device behavior that is otherwise completely invisible to them. This enterprise integration allows CISOs to deploy Cape as part of a workforce protection strategy.

Cape’s core technical differentiators: IMSI rotation on demand (changing your network identity to disrupt long-term location tracking), signaling firewalls that filter Diameter requests to block location queries and SMS interception, call log destruction after one day, encrypted voicemail using subscriber-controlled private keys, last-mile SMS encryption (iPhone only currently), and number port protection via private key (preventing SIM swap attacks). Cape only support 4G and 5G, with no legacy 2G/3G or SS7. SS7 is the signaling protocol underpinning older mobile and landline networks, designed in the 1980s with no authentication. Any carrier (or anyone who can access a carrier’s SS7 node) can query the location of any subscriber, intercept their SMS messages, or redirect their calls. It is routinely abused by commercial surveillance vendors and nation-states to track targets. By dropping 2G/3G entirely, Cape eliminates SS7 exposure completely.

Why did Cape build it?

US carriers collect extensive subscriber data, sell geolocation information to data brokers, and have proven unable to protect their infrastructure from state-level adversaries. Salt Typhoon in April 2024 compromised effectively every major US carrier, exposing call data records, geolocation information, and communications over a period of months. Cape’s position is that data cannot be leaked or sold if it was never collected in the first place.

Traditional MVNOs focus on price. Cape focuses on reducing what it knows about subscribers to the minimum needed to route calls and collect payment. Cape does not require names, addresses, social security numbers, or ID verification. The anonymity model serves not just the privacy-conscious but also domestic abuse survivors, journalists, and others with legitimate reasons to prevent their location being purchasable through advertising data brokers.

How does the signaling protection actually work?

Cape dropped all 2G and 3G support, which means no SS7 at all. Cape only uses Diameter (the 4G/5G signaling protocol), but Diameter is not immune to attack either. Attackers can still use Diameter to request subscriber location information, reroute SMS (leaking OTPs), or track individuals. Cape operates signaling firewalls that inspect and filter Diameter messages, blocking unauthorized information requests from other carriers. This is the same class of attack that commercial surveillance vendors and nation-state actors use to track targets through the carrier network.

What about device-level security monitoring?

The network telemetry Cape can export includes data that traditional infosec teams never see: which cellular networks a device connects to, signaling events (such as a foreign carrier requesting subscriber information when it should not be), and traffic that leaks outside of VPN tunnels (com center traffic, system-level app communications that bypass MDM/VPN controls on mobile devices). Cape can also act on suspicious events automatically. For example, it can trigger an IMSI rotation to make continued targeting harder, or alert the subscriber’s security team.

For high-risk users, Cape sells a hardened Android handset with additional security capabilities, though most subscribers use their own devices.

Who is this for?

Cape positions privacy as a universal right, but the highest-value use cases are clear: government and defense personnel, law enforcement, executives doing sensitive international travel, and CISOs looking to protect workforce mobile communications. The enterprise integration (piping network telemetry into corporate security tooling) makes it relevant beyond individual subscribers.

On the consumer side, it appeals to anyone who objects to the US carrier model of monetizing subscriber data. The no-ID signup means Cape has minimal information to hand over in response to legal requests. Cape does comply with law enforcement but notes that while the information provided is enough to potentially identify someone, it is not enough to reconstruct the subscribers movements or communications.

Cape partners with the EFF (research support and lab environment for improving detection), donates first-month subscriptions to the GrapheneOS project for GrapheneOS users, and bundles Proton services for all subscribers.

Risky Business appearances (last 24 months)

• Snake Oilers S22 Part 1 - September 2025. Stephen Dowey from Cape covers the technical architecture. Pat’s summary: “If I were American, if I lived in the United States, I would absolutely be a Cape customer.”

Sources

• Snake Oilers S22 Part 1
• Cape homepage
• Cape + Proton partnership
• Cape + EFF collaboration
• TechCrunch: Cape beta launch

Disclosure

Cape is a Risky Business sponsor (Snake Oilers segment).

Cape

Protect Yourself with Private Cell Service