Security & Compliance

End-to-end encryption

Every file is encrypted in your browser with AES-GCM 256 before a single byte leaves your device. The encryption key is derived from a random secret carried in the link fragment (which is never sent to our servers) combined with the out-of-band PIN. We cannot derive the key, and therefore cannot read your files.

Zero server storage

Files travel directly browser-to-browser over an encrypted WebRTC data channel. We operate no storage bucket or database of file contents. When the tab closes, the session is gone.

The signaling server is blind

A small signaling service introduces the two browsers to each other and verifies a hash of your PIN. It never sees file content, the encryption key, or the PIN itself — only a salted hash bound to the session. On strict corporate networks where a direct connection is impossible, traffic may be relayed through a TURN server; that relay forwards only encrypted bytes it cannot read, and the app shows you clearly when a connection is relayed.

Data we do and don't hold

• We never store: file contents, file names, recipient identities, or your PIN.
• We do store (account holders): your account email and subscription status, plus an anonymous monthly transfer counter for plan limits.

Regulated data & our posture

Because we never have access to your content — even transiently in clear — SaferDrop acts as a blind conduit. We do not market SaferDrop as a certified solution for any specific regulatory regime, and you should evaluate it against your own obligations. If your organization requires a formal agreement (e.g. a Business Associate Agreement) before using a transfer tool, contact us.

Verifiability

The client-side cryptography and the signaling service are designed to be open-sourced so that the security claims on this page can be independently verified.

This page describes our architecture; it is not legal advice.