Secure Data Transfer

To maintain confidentiality and safety of your data, files and folders are transferred exclusively through your devices.

That means that if you are copying a file from i.e. Google Drive to OneDrive, your device will download that file from Google Drive and then upload it to OneDrive.

Once the successful upload has been confirmed, the downloaded file will be deleted.

A screenshot of mementō on an Android phone

How mementō Works

Simply put, you can count on us making sure that your files never touch our servers.

A graph showing data flow when using memento, pointing out that your files never go through our servers

And in more detail…

mementō application requires access to your remote storage such as Google Drive or OneDrive. Once that access is granted, a token is sent from the remote provider to the phone. The information that you have added a remote account is then encrypted and sent to servers so that your other devices can ask you to sync remote storage. Data on the servers cannot be accessed without the encryption key that lives on your devices.

When you are adding a new device, a secure channel is established using QR codes and the keys are exchanged between the devices. New device can then download the information about remote storage services you use from the mementō server and decrypt them. Once that is done, you are asked to allow the new device to access the data on the remote service.

Our encryption is based on the well known libsodium library.

How we make sure that your data is intact during the transfer

We calculate a hash while data is being transferred and then compare that hashes of destination and target sides. If the hashes are matching we know the transfer was successful.

Security Certification

Memento is verified to have satisfied App Defense Alliance Cloud Application Security Assessment (CASA) Tier 2 requirements. This verification is valid for period from 10/17/2023 to 10/17/2024.