Frequently Asked Questions

No, all data is encrypted in your browser and then transferred to our servers. The decryption also takes place in your browser.
By default, received and sent data is available for 10 days. Afterwards the encrypted data is irrevocably deleted.
We do not implement explicit tracking of connection or metadata ourselves. Information that has to be retained by law or is required for billing purposes, will be stored by the server infrastructure provider (currently: Exoscale https://www.exoscale.com).
The first step of the audit has been completed. The audit was performed by cure53 gmbh (also known for auditing Telegram and Protonmail). The recommendations of the audit were fully implemented. If you are interested, we can deliver the corresponding documents, please contact us.
Arcano was designed with security as the main target. Arcano is daily checked for all known vulnerabilities automatically. Should a security breach compromise the integrity of the If data security is threatened, we reserve the right to take Arcano out at short notice.
Arcano, respectively Arcano LLC is a company and is 100% owned by the shareholders. The legal form of a LLC ensures that foreign investors cannot take control of the tool unnoticed.
Because we think that secure data transmission to Professional secret holders in particular and secret communication between everyone in particular is a fundamental right.
Currently there are no inquiries from legal authorities.
In order to increase security, we support 2-FA. This can be activated in the settings.
Different Firefox Addons can affect the functionality of Arcano. Please try using Arcano in a private window or reset Firefox to its default configuration.
We store all data in Switzerland, currently in the Exoscale Cloud. The data is encrypted and we have no access to it, no matter where it is stored.
Depending on the configuration, content blockers can stop the IFrame, i.e. the drop zone of Arcano, to not be correctly displayed.
End-to-end encryption is only possible when the relevant code parts are delivered to your browser. This means everybody can always inspect the source code of Arcano. We believe this increases trust and is the only right way to use encryption. However, the code is still copyrighted by Arcano and may not be used without written consent of codefour gmbh. We plan to open source the relevant parts of our code on github soon.
We welcome every hacker and tinkerer who informs us about problems. We will
  • respond with a reception mail
  • not put any charges against you
  • fix the problem ASAP
  • acknowledge yout finding
No, all data is encrypted in your browser and then loaded onto then uploaded to our servers. We have no access to your data and therefore cannot run a virus analysis on it.
For each transfer you receive, we send a verification email to the sender so that the owner of that email address can confirm that they were the sender. Nevertheless, you should exercise the same caution as when you receive files through other channels (for example, email). That is, verify the sender, make sure not to enable macros in Office documents, and if in doubt, use a virus scanner on your computer.