Zero-Knowledge encryption
Every hosted transfer is encrypted on your device before it leaves. Zero-Knowledge mode goes one step further: the key that unlocks your files never reaches our servers - so, unlike our default, we genuinely cannot read them.
“Zero-knowledge” is a strong claim, so it is worth being exact about what it means here. To read your files, one thing is needed: the encryption key. Zero-knowledge means that key never reaches us - we hold zero knowledge of it. The encrypted data we store is, without the key, just noise on a disk.
That precision cuts both ways. Every hosted transfer is encrypted on your device with AES-256-GCM, in every mode - but only Zero-Knowledge mode keeps the key entirely off our servers. So it is the only mode in which we truly cannot decrypt your files, and the only one we describe that way.
The two key modes, side by side
Both modes encrypt your files on your device, at the same strength. The only difference is what happens to the key that unlocks them.
| What we compare | Server-escrow (default) | Zero-Knowledge (paid) |
|---|---|---|
| Where files are encrypted | On your device, before upload | On your device, before upload |
| What we store | The ciphertext plus the key, wrapped by AWS KMS | The ciphertext only - no key, ever |
| Where the key lives | In escrow on our servers (KMS-wrapped) | Only in the share link’s “#” fragment |
| Can Transferify decrypt your files? | Technically yes - KMS can unwrap the key | No - we never receive the key |
| If you lose the link | Still recoverable - we hold the key | Gone for good - we cannot help |
| Availability | Every plan, including free | Paid plans |
Where the key lives - and why the “#” in the link matters
A Transferify file key is a random 256-bit AES key generated in your browser. In Zero-Knowledge mode it reaches your recipient inside the link fragment - the part after the “#” symbol, for example transferify.cloud/download/abc123#k=…
That is the whole trick. By a rule every browser follows, the fragment is never sent to the server: it stays in the browser and is used only on the page itself. So when your recipient opens the link, the key is read locally to decrypt the download, and our servers see the request without the “#” part. We simply never receive it.
It also means the link is the key. Anyone you give the full link to can open the files, so share it over a channel you trust. For extra safety you can add a password: the key is then wrapped with your password (PBKDF2, 600,000 iterations) before it goes in the link and unwrapped in your recipient’s browser - the password never reaches us either.
How your files are encrypted
Files are encrypted with AES-256-GCM, a standard authenticated cipher used across the modern web. Large files are split into 8 MiB chunks; each chunk is sealed and authentication-tagged on its own, then streamed straight to storage - so encryption works even on files far larger than your device’s memory.
Every chunk is bound to its exact position in its transfer. If our storage ever returned a tampered, reordered, or swapped chunk, decryption fails loudly instead of handing your recipient corrupted or wrong data. Files are stored in the EU (AWS, Frankfurt) and kept encrypted at rest.
What the default mode does - and why it is honest to say so
By default, and on the free plan, we use server-escrow. Your files are still encrypted on your device, but we keep the file key in escrow, wrapped by AWS Key Management Service (KMS). That means we are technically able to decrypt a hosted file - for example to deliver it, or to comply with a lawful request - so we do not claim to be blind to it.
The upside is convenience: the download link is short, carries no key, and a lost link is still recoverable because we can unwrap the key again. It is the right default for everyday sharing. It is not zero-knowledge, and we do not call it that.
When to choose Zero-Knowledge
Turn on Zero-Knowledge mode when “trust us” is not good enough - when you need it to be provable that the provider cannot read a file.
- Confidential documents - legal, financial, medical, HR
- Credentials, keys, or anything you would never send in plain text
- Work under a strict privacy or compliance requirement
- Anytime you would rather the key simply never exist on our side
The trade-off is that we cannot help you recover a lost link - because we hold nothing to recover from. Keep the link safe (and consider a password), and your files stay private even from us.
Not sure which you need? Every transfer is encrypted either way - start with the default, and switch on Zero-Knowledge for the ones that really matter.