Frequently Asked Questions
Can my data be viewed by Arcano?
No, all data is encrypted in your browser and then transferred to our servers. The decryption also takes place in your browser.
How long are my encrypted data stored at Arcano?
By default, received and sent data is available for 10 days. Afterwards the encrypted data is irrevocably deleted.
Which connection or metadata is being stored?
We do not implement explicit tracking of connection or metadata ourselves. Information that has to be retained by law or is required for billing purposes, will be stored by the server infrastructure provider (currently: Exoscale https://www.exoscale.com).
Has Arcano been professionally audited?
The first step of the audit has been completed. The audit was performed by cure53 gmbh (also known for auditing Telegram and Protonmail). The recommendations of the audit were fully implemented. If you are interested, we can deliver the corresponding documents, please contact us.
What other security measures exist?
Arcano was designed with security as the main target. Arcano is daily checked for all known vulnerabilities automatically. Should a security breach compromise the integrity of the If data security is threatened, we reserve the right to take Arcano out at short notice.
Who is behind Arcano?
Arcano, respectively codefour LLC is a company and is 100% owned by the shareholders. The legal form of a LLC ensures that foreign investors cannot take control of the tool unnoticed.
Why was Arcano developed?
Because we think that secure data transmission to Professional secret holders in particular and secret communication between everyone in particular is a fundamental right.
Which requests from legal authorities are answered?
Currently there are no inquiries from legal authorities.
Do you support 2-factor authentication?
In order to increase security, we support 2-FA. This can be activated in the settings.
Why does Firefox not ask me where I want to save my Download?
Different Firefox Addons can affect the functionality of Arcano. Please try using Arcano in a private window or reset Firefox to its default configuration.
Where is the data stored?
We store all data in Switzerland, currently in the Exoscale Cloud. The data is encrypted and we have no access to it, no matter where it is stored.
My upload field is not shown on my website
Depending on the configuration, content blockers can stop the IFrame, i.e. the drop zone of Arcano, to not be correctly displayed.
Is Arcano Open Source?
End-to-end encryption is only possible when the relevant code parts are delivered to your browser. This means everybody can always inspect the source code of Arcano. We believe this increases trust and is the only right way to use encryption. However, the code is still copyrighted by Arcano and may not be used without written consent of codefour gmbh.
We plan to open source the relevant parts of our code on github soon.
Do you have a bug bounty program?
We welcome every hacker and tinkerer who informs us about problems. We will
- respond with a reception mail
- not put any charges against you
- fix the problem ASAP
- acknowledge yout finding
Does Arcano scan the data for viruses?
No, all data is encrypted in your browser and then loaded onto then uploaded to our servers. We have no access to your data and therefore cannot run a virus analysis on it.
Can I fully trust the data I receive?
For each transfer you receive, we send a verification email to the sender so that the owner of that email address can confirm that they were the sender. Nevertheless, you should exercise the same caution as when you receive files through other channels (for example, email). That is, verify the sender, make sure not to enable macros in Office documents, and if in doubt, use a virus scanner on your computer.
