Encryption Standards

Your digital legacy is no good if it isn't secure. At After Me, we treat security not as a feature, but as the foundation of our existence. Here is exactly how we protect your data.

Zero Knowledge Architecture

"Zero Knowledge" means we don't know what you store. Your content is encrypted on your device (client-side) or using keys derived from your password before it ever reaches our servers. We do not store your password in plain text. We store a cryptographic hash. This means our engineers, admins, and databases cannot read your letters.

AES-256 Encryption

We use the Advanced Encryption Standard (AES) with 256-bit keys. This is the same standard used by governments, banks, and intelligence agencies worldwide to protect Top Secret information.

Key Derivation (PBKDF2)

To ensure your password cannot be brute-forced, we use PBKDF2 (Password-Based Key Derivation Function 2) with a high iteration count and a unique salt per user. This turns your password into a cryptographic key that is computationally expensive to guess.

Data In Transit (TLS 1.3)

All communication between your device and our servers is encrypted using Transport Layer Security (TLS) 1.3. This prevents "man-in-the-middle" attacks where someone could intercept your data as it travels across the internet.

The Release Mechanism

When a release condition is met (e.g., date reached), our system programmatically retrieves the encrypted data package and the encrypted key. We then generate a secure, tokenized link for your beneficiary. The unique decryption process happens securely, ensuring only the intended heir with the correct link can view the content.