Cryptomator Secures Sensitive Financial Data Using Cloud-Based, Open-Source Encryption that Works Across Platforms

In a Nutshell: Cryptomator is an affordable client-side data encryption solution that keeps valuable consumer data safe. The software securely stores informationthat users control in the cloud rather than on devices. And Cryptomator is more accessible than other solutions because its desktop version is free, and it only charges a small fee for using its mobile app. And even if a hacker accesses a user’s vault, Cryptomator’s encrypted files are useless without the proper key to decode them.

Anyone who has spent time surfing the internet has created some version of a digital identity. Web users generate data with search histories, login credentials, and ecommerce transactions, and that information floats around like specks of dust in the digital world.

And if some of that dust settles on the wrong keyboard, those users could find themselves in a difficult situation.

Consumers reported nearly 165,000 instances of credit card fraud in 2018 alone. On average, someone has a form of their identity stolen every two seconds. And the amount of time and money lost to these thefts each year is immeasurable.

But many of the victims could have avoided the hassle and stress if they had used more effective methods to protect their online data. Some popular online storage options keep user files hidden behind a password and little else. If a cybercriminal finds that user’s password, that person could lose everything in just a few clicks of a mouse.

Cryptomator provides cutting-edge, client-side encryption that can keep financial data — or anything else users want to securely store in the cloud — away from unwanted eyes. The open-source Cryptomator project launched in 2014 before going live in 2016, and today, it remains a top choice for secure online storage.

“All of the other reliable software is expensive and requires a hefty subscription fee,” said Tobias Hagemann, Co-Founder and CEO of Cryptomator and its parent company Skymatic. “There was a need to have one piece of affordable software that handled encryption, was optimized for cloud storage, and available on all platforms.”

Cryptomator is a cost-effective solution, and accessing the encryption software doesn’t require backdoors or registration. Desktop access comes at no cost, aside from a donation the company requests to maintain the software. The only time users encounter a fee is when they download the Cryptomator mobile app — which has a reasonable, one-time cost.

“This started as a side project, but it quickly evolved because others saw the same need for open-source software like this,” Hagemann said. “That’s a big deal with security — you can’t trust software if you can’t see the source code.”

During the initial design phase, the team posted its algorithm to Reddit and received the feedback it needed to refine the source code and strengthen its security. The work continued for more than two years before the company released Cryptomator 1.0 to the world.

“Between Reddit and posting the code on GitHub, we learned so much and refined the product,” Hagemann said. “We also learned how people use the software, which helped us improve the usability of the package.”

Companies, thieves, and other individuals spend millions of hours, and just as much money, every year accumulating consumer data. That data could be account information, credit card numbers, search history, or other sensitive data.

“Financial information is very sensitive data, and it’s not just thieves who you need to hide it from,” Hagemann said. “Maybe it’s an advertiser who wants this information so they can feed you ads based on your financial data.”

Files stored on Cryptomator are protected by the highest level of encryption. Users need a key to access their file vault — and only they possess that key. And even if a thief somehow manages to access their vault, the encrypted files are useless without the proper credentials to untangle the code.

“If you put your financial data in cloud storage that is not encrypted, there’s still a chance that your information can be compromised,” Hagemann said. “Although it’s just a small chance, if it happens, it won’t be good.”

Most popular online file storage solutions increase the odds of a small chance becoming a big headache by not providing the same level of protection that users find with Cryptomator.

“If you put your financial data inside other popular file storage solutions, theoretically, an administrator can view that information since it’s not encrypted,” Hagemann said.

But it’s not just administrators that users need to worry about. Many online scammers pose as administrators, or other trusted officials, in an attempt to collect passwords or other data. These scams, known as phishing, are growing in number and sophistication every day.

“Phishing attempts are so creative today,” Hagemann said. “You can accidentally give away a password and lose everything. But if you use client-side encryption, you can only access the data if you have the key or the password. If an attacker accesses it, they can’t do anything with it because it’s encrypted.”

Hagemann and his team have spent a substantial amount of time studying current and prospective Cryptomator users to understand their pain points. They’ve learned the roadblocks new users face and created a map to make the software more user-friendly for everyone — regardless of their tech experience.

The spoils of that research will come to users in the form of the Cryptomator 1.5 update. Hagemann said the update is currently in its alpha stage and should see its official release before the end of 2019. He noted that the upgrades would change the look and feel of the product without affecting its performance.

“We’re currently working on a significant update,” he said. “We are completely revamping the user interface. It’s an ongoing evolution, but the core remains the same. The encryption and software are still as easy as possible to use.”

The Skymatic team learned from its dedicated users and addressed their needs and issues with the current Cryptomator product.

Although the feedback the team received was glowing, they still found several ways to improve the product without affecting the aspects that other users love.

“We conducted some usability tests on existing users and found that, with our current version, some things were hard to understand,” Hagemann said. “The concepts of vaults and virtual drives provided some hurdles that we needed to overcome. The new update will drastically increase usability.”

Keeping an open-source product like Cryptomator viable and updated is, by nature, a difficult task. The whole point of being open-source is to give the product away so that security experts and others in the field can test it to find potential weaknesses.

But Cryptomator needs to meet operational costs, fund upgrades, and pay its employees. Thankfully, the team’s product is so reliable that several enterprise clients license it to encrypt their most sensitive files.

The proceeds from those partnerships allow Cryptomator to remain on a donation-based model for the foreseeable future.

“Our long-term goal is to make everything we do open-source and free to use,” Hagemann said. “I feel that we will get there one day.”

User donations not only pay the Cryptomator team’s salaries, but they also help fund the ever-changing technological components that the Skymatic group needs to keep its encryption offerings up to date.

“Cryptography is always changing, and it’s vital to keep the software constantly updated,” Hagemann said. “We focus heavily on performance and use the newest technologies to ensure we keep up with the latest developments.”

For Cryptomator users, those developments don’t include reports of data leaks or financial information hacks.