Here at Bitcasa, we’ve been talking about our unique ‘zero knowledge storage’ platform for years. Thanks to AES-256 encryption with a private key based on a user’s unique password, no one (not even Bitcasa employees) can access the data stored on our servers.
This is how all cloud storage services must work, right? Not so fast. Google’s “Photos” service for example has a much different take:
“When you upload, submit, store, send or receive content to or through our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content.” Source: http://www.google.com/intl/en/policies/terms/
So Google (and those Google works with) reserves the right to “publicly display” my family photos? Yikes.
At Bitcasa, we understand that to many people, storing files on a remote “cloud” somewhere can be a bit unsettling. This is exactly why we designed Bitcasa as a zero knowledge system. User files are just that: the property of the user. At Bitcasa, we can’t open any files and we can’t even associate an encrypted file with a particular user. We’re blind, and so are would-be hackers. And we like it that way. This is perhaps the most core piece of our patent-pending technology and a big differentiation in the cloud storage software market.
The same rules apply. Bitcasa partners and developers can tell their customers with confidence that their data can’t be accessed by anyone, not even Bitcasa employees. Their customers’ photos and important documents are their own. We are simply storing this data safely on their behalf in a secure vault. We respect that privacy, and by selecting Bitcasa, our partners can let their end-users know that they respect their privacy, too.
How does it work, exactly? When a user uploads files to Bitcasa, they are encrypted with a key based off of that user’s password. Bitcasa does not store this key on our servers. When a user logs onto Bitcasa and enters their unique password to start a session, Bitcasa uses that password to decrypt their files – images, data, anything stored in the cloud. But once the user closes that session, their data is no longer accessible. No one at Bitcasa, or anywhere else for that matter, can unencrypt that data.
In an age where privacy and security are becoming more and more important to end-users, it only seems natural that the “right” storage philosophy puts the end-user’s privacy first. Bitcasa has believed in this from day one.