Cape Privacy Carrier Review: Is $99/Month Worth It?

TL;DR: Cape is the first U.S. carrier built around privacy, offering daily IMSI rotation, SIM swap protection via private keys, a proprietary SS7 signaling proxy, encrypted voicemail, disappearing call logs, and two free secondary numbers — all for $99/month with unlimited talk, text, and 5G data. It launched nationwide on January 27, 2026. Paired with GrapheneOS, it’s the strongest consumer mobile privacy stack available today, but the price is steep for casual users.

Three weeks ago, a small Arlington, Virginia startup did something nobody in American telecom has done before: it launched a nationwide cellular carrier designed from the ground up to not spy on you.

Cape officially exited beta on January 27, 2026, opening its $99/month privacy-first mobile service to every consumer in the United States. After two years of building proprietary telecom infrastructure, partnering with Proton, earning a spot on TIME’s Best Inventions of 2025 list, and raising over $91 million in total funding, Cape is betting that Americans are finally ready to pay a premium for cellular privacy.

But are they? And should you?

We’ve spent the last few weeks digging into Cape’s technology, business model, and real-world performance to find out.

What Cape Actually Is

Cape is a mobile virtual network operator (MVNO) — meaning it doesn’t own cell towers. It leases radio access from nationwide carriers including AT&T and uses their physical infrastructure for coverage. What Cape does own is its mobile core: the central software brain that controls how calls are routed, how data moves, what gets logged, and critically, what doesn’t get logged.

This distinction matters enormously. Most MVNOs (Mint Mobile, Cricket, Google Fi) are “light” MVNOs — they essentially reskin another carrier’s service. Cape is a “full” MVNO that operates its own core network, its own SIM provisioning, and its own signaling stack. That gives Cape the ability to implement privacy features that no light MVNO could touch.

Founded in 2022 by John Doyle — a former U.S. Army Special Forces Green Beret who later ran the national security business at Palantir Technologies — Cape emerged from stealth in April 2024 with $61 million in funding led by A* and Andreessen Horowitz. Additional investors include Costanoa Ventures, Point72 Ventures, XYZ Ventures, ex/ante, Forward Deployed VC, and Karman Ventures. According to PitchBook, Cape’s total funding stands at approximately $91.4 million when including a subsequent $30 million round (split between $15M in equity and $15M in debt) announced alongside the March 2025 open beta.

The company’s first product was Obscura — a $1,500 pre-configured Android phone bundled with Cape service, originally designed for military personnel, government officials, investigative journalists, and human rights activists. Obscura offered the full suite of protections including both IMSI and IMEI rotation (the latter being significantly harder to implement, as it requires device-level modifications). TIME recognized Obscura as one of the Best Inventions of 2025 in its Privacy & Security category.

The $99/month consumer plan brings most of these protections to any compatible phone — iPhone XR and newer, or any Android 13+ device including Google Pixel phones running GrapheneOS.

What Problems Does Cape Solve?

To understand why Cape exists, you need to understand how badly traditional carriers fail at privacy.

SIM Swapping

SIM swap attacks are devastatingly simple: an attacker calls your carrier, social-engineers a customer service rep, and transfers your phone number to their device. Once they have your number, they intercept SMS-based two-factor authentication codes, drain bank accounts, and hijack crypto wallets. The FBI reported over $68 million in SIM swap losses in 2024 alone.

Cape’s approach is architectural: your phone number is secured by a private key stored only on your device. There is no customer support agent who can transfer your number, because the system literally won’t allow it without cryptographic proof of ownership. This isn’t a policy — it’s a protocol.

IMSI Catchers (Stingrays)

Cell-site simulators, commonly called Stingrays, impersonate legitimate cell towers and trick nearby phones into connecting to them. Once connected, the Stingray harvests your IMSI — the International Mobile Subscriber Identity number permanently assigned to your SIM card. With your IMSI, an attacker (or law enforcement agency, or foreign intelligence service) can track your location in real time.

Cape rotates your IMSI automatically every 24 hours. Each subscriber receives a set of seven unique IMSI values per week drawn from a randomized pool of millions. You can also manually rotate your IMSI on-demand through the Cape app — useful in high-risk moments like crossing borders or attending protests. Because IMSI catchers rely on correlating a static identifier over time, daily rotation effectively breaks their tracking model.

SS7 / Signaling Attacks

The SS7 (Signaling System 7) protocol, designed in the 1970s, is the backbone of global telecom signaling — and it’s shockingly insecure. Researchers have demonstrated that anyone with SS7 access can track a phone’s location, intercept calls and texts, and extract user identifiers, all remotely and often without detection.

Cape has built a proprietary signaling proxy that eliminates direct SS7 dependencies from its network entirely. All Diameter signaling requests (the modern successor to SS7) are routed through Cape’s secure proxy, which blocks malicious attach requests. This is defense-in-depth: even if an attacker harvests an IMSI, that IMSI will be obsolete within 24 hours.

Carrier Data Collection and Breaches

Major U.S. carriers routinely collect massive amounts of subscriber data — call logs, location history, browsing patterns — and retain it for months or years. They sell behavioral profiles to data brokers and ad networks, and they regularly lose it in breaches. The 2024 AT&T breach exposed call and text records of “nearly all” customers, triggering an FBI scramble to protect confidential informant identities.

Cape’s philosophy is radical minimalism. The company recently introduced “disappearing call logs” that automatically delete call data records (CDRs) every 24 hours. As CEO Doyle told 404 Media: “There’s no other business purpose to keep most of these logs more than like a day.” Cape stores billing CDRs for 30 days (required for carrier settlement), but even that is far shorter than industry norms.

The Full Feature Breakdown

Here’s what $99/month gets you:

Unlimited talk, text, and 5G/4G data on nationwide carrier infrastructure
IMSI rotation — automatic daily rotation plus on-demand manual rotation
SIM swap protection — cryptographic key-based number ownership
Proprietary signaling proxy — eliminates SS7 vulnerabilities
Encrypted voicemail — voicemails encrypted with a private key you control, recoverable via 24-word passphrase
Disappearing call logs — CDRs deleted every 24 hours
Secondary numbers — two free additional phone lines (real numbers, not VoIP) for shopping, dating, banking
Last-mile SMS encryption — middle-to-end encrypted SMS routed through the Cape app (iPhone only for now; Android coming)
Network Lock — prevents your device from attaching to suspicious networks
Secure global roaming — international data roamed through Cape’s US-based mobile core
Minimal data collection — Cape doesn’t collect, sell, or share behavioral data
Private payment — pay without handing over personal financial details
Proton partnership — Proton Unlimited or Proton VPN Plus for $1 for 6 months

Taxes and fees are included in the $99 flat rate. There are no contracts.

The Proton Partnership

Cape’s partnership with Proton is more than a marketing bundle — it signals alignment with the broader privacy ecosystem. Subscribers get access to Proton’s full suite (Proton Mail, VPN, Password Manager, Drive, Calendar) for just $1 for 6 months. Proton Unlimited normally costs $9.99/month, so this effectively adds ~$55 in value to the first six months of Cape service.

Beyond the consumer deal, the partnership represents a philosophical alliance between two companies trying to build privacy infrastructure at different layers of the stack: Proton at the application layer (encrypted email, VPN, storage) and Cape at the network layer (carrier-level privacy). Together, they cover most of the attack surface that matters.

Cape also sponsors the Electronic Frontier Foundation and donates to GrapheneOS — donating the first month of every new GrapheneOS user’s subscription to fund the project’s independent development.

Cape + GrapheneOS: The Ultimate Privacy Stack

If you’re reading this site, you probably already know about GrapheneOS. Pairing it with Cape creates what is arguably the most private consumer mobile setup available today (and it’s exactly why we recommend starting with the step-by-step GrapheneOS setup guide).

Here’s why the combination works:

GrapheneOS handles the device layer: hardened Android kernel, sandboxed Google Play services (optional), per-app network permissions, sensor permissions, storage scopes, and verified boot on Google Pixel hardware with Titan M2 security chip.

Cape handles the network layer: IMSI rotation, signaling protection, encrypted voicemail, SIM swap protection, and minimal data retention.

Neither one alone is complete. GrapheneOS can’t rotate your IMSI — that’s a carrier-level function. And Cape can’t sandbox your apps or control what permissions they have — that’s an OS-level function. Together, they close gaps that neither can address individually.

Setting up Cape on GrapheneOS is straightforward. Cape activation must be completed in the owner profile, but after activation, Cape services (calls, texts, data) work across GrapheneOS’s secondary profiles. Cape supports all currently-supported Pixel devices running GrapheneOS and provides dedicated activation instructions for GrapheneOS users on their support site.

Our recommended privacy stack:

Google Pixel 9 Pro (or newer) with GrapheneOS
Cape as primary carrier ($99/month)
Proton suite for email, VPN, and password management (discounted through Cape)
Signal for messaging
A privacy-respecting browser like Vanadium (GrapheneOS default) or Brave
A VPN for everyday browsing (see: Best VPNs for Privacy Phones)

Pricing Analysis: Is $1,188/Year Justified?

Let’s be honest: $99/month is expensive for cell service. T-Mobile’s Essentials plan is $50/month. Mint Mobile is as low as $15/month. You can get prepaid service from Visible for $25/month.

But those comparisons miss the point. You’re not paying $99 for the cellular service — you’re paying for what the carrier doesn’t do with your data, and for proprietary security infrastructure that doesn’t exist anywhere else.

Here’s a fairer cost comparison:

Service	Monthly Cost	What You Get
T-Mobile Essentials	$50	Unlimited everything, but T-Mobile collects and sells your data, retains CDRs for years, and is vulnerable to SIM swaps
Mint Mobile	$15-30	Budget unlimited, but zero privacy protections, light MVNO with no core control
Purism AweSIM	$99	Privacy-focused SIM registered under Purism’s name, but no IMSI rotation, no signaling proxy, no encrypted voicemail, limited device compatibility
Cape	$99	Full privacy suite with rotating identifiers, signaling protection, encrypted voicemail, disappearing logs, secondary numbers, and Proton bundle
Cape + Proton (first 6mo)	~$100	All of the above plus Proton Unlimited suite

The Purism AweSIM comparison is particularly illuminating. Both charge $99/month, but Cape offers dramatically more technical protection. AweSIM’s primary value is that Purism registers the SIM in their name rather than yours — a form of privacy through intermediary. Cape goes far beyond that with active technical countermeasures.

Another alternative worth considering: using a data-only eSIM (from providers like Airalo or Nomad) paired with a VoIP number from something like MySudo or JMP.chat. This can cost as little as $20-30/month and provides decent privacy through compartmentalization. But you lose carrier-grade voice reliability, E911 services, and the active countermeasures (IMSI rotation, signaling proxy) that Cape provides.

The Caveats

Cape isn’t perfect, and honest reporting demands we flag the concerns:

The honeypot question. Cape’s CEO is a former Palantir executive. Andreessen Horowitz is a major investor. The company has defense and government contracts through its Obscura product. For some in the privacy community, this raises eyebrows. Doyle has addressed this directly: “All I can do is say we definitively are not a honeypot.” Cape complies with CALEA (the Communications Assistance for Law Enforcement Act), meaning it will respond to lawful intercept orders — just like every other U.S. carrier. Cape’s value proposition isn’t about evading law enforcement; it’s about protecting against mass surveillance, data brokers, hackers, and SIM swappers.

The MVNO limitation. Because Cape rides on other carriers’ physical infrastructure, those underlying carriers may collect their own data about Cape subscribers — including IMEI and connection metadata. Cape’s IMSI rotation and signaling proxy mitigate much of this, but the fundamental physics of using someone else’s towers means some data leakage is possible.

Feature parity gaps. Voice over Wi-Fi is still not available. Last-mile SMS encryption is iPhone-only. Group SMS between Android and iOS can behave oddly. These are typical growing pains for a young carrier, but they matter if Cape is your daily driver.

No family plans. At $99/person/month with no multi-line discounts, a family of four would pay $4,752/year. That’s a significant barrier for household adoption.

Cape is worth it for:

Journalists, activists, and dissidents facing targeted surveillance
Executives and board members concerned about corporate espionage
Cryptocurrency holders and high-net-worth individuals targeted by SIM swappers
Domestic abuse survivors who need to prevent location tracking
Security researchers and privacy professionals who practice what they preach
Anyone who has already been SIM swapped and never wants it to happen again

Cape is probably not worth it for:

Average consumers who just want cheap cell service
People whose threat model doesn’t include targeted attacks
Families looking for multi-line plans
Users who are already comfortable with a data-only eSIM + VoIP setup
Anyone outside the United States (Cape is US-only)

The Verdict

Cape is the real deal. It’s the first carrier that treats privacy as an engineering problem rather than a marketing checkbox. The IMSI rotation alone is a genuinely novel consumer-facing feature that has no equivalent at any other carrier. The signaling proxy, cryptographic SIM swap protection, and disappearing call logs represent meaningful technical innovations, not privacy theater.

Is it worth $99/month? That depends entirely on your threat model. If you’re a journalist covering organized crime, an activist in a hostile political environment, or a crypto whale who’s been SIM swapped before — Cape might be the best $1,188 you spend this year. If you’re a regular person who just wants to stop getting spam calls, it’s overkill.

The most exciting thing about Cape isn’t just what it does today — it’s what it represents. For the first time, there’s a well-funded, technically competent company proving that a privacy-first carrier is commercially viable. Even if you don’t subscribe, Cape’s existence puts pressure on every other carrier to take privacy more seriously.

Pair it with GrapheneOS on a Pixel, and you’ve got the most private phone setup money can buy in 2026. Whether that’s worth $99/month is a question only your threat model can answer.

Rating: 4 out of 5 — Excellent technology and genuine innovation, held back only by the premium price and early-stage feature gaps. We’ll revisit when family plans and Android SMS encryption arrive.

Cape is available at cape.co. The PrivacyPhones Team has no financial relationship with Cape. We paid for our own service to conduct this review.