Outbank uses the zero-knowledge principle for secure data transfer via Secure Sync. This means that we never have access to your data. Also, the cloud provider Amazon, whose servers we use for the synchronization, has no insight into your data.
Before the transfer, your data is encrypted using AES encryption, the highest standard for data encryption. Only then they will leave your device in the direction of cloud storage. The data can neither be read by us nor by Amazon. Only when you decrypt the data on your other device, they are readable again (end-to-end encryption).
The Advanced Encryption Standard (AES) transforms your data into a hieroglyphic ciphertext of a certain length (128 bits or a 39-digit number). The transformation from plain to ciphertext is secured with another key (128, 192 or 256 bits or a number with 39, 58 or 78 digits). The encryption happens exclusively on your device – therefore we have no insight on it.
The encryption key for your data is obtained from your App password by the Key Derivation Function PBKDF2. In this process, a specific function is applied to the same password several times consecutively. This iteration ensures that the original password can no longer be deduced. The process takes places exclusively on your device – neither Amazon nor we can resolve the key.