Security: Peerio
Peerio is a secure workstream collaboration platform

Protect your high-value assets without impeding team communication.

In a world where 4,947 data records are compromised every minute*, even one breach could ruin you. De-risk your sensitive communications with Peerio’s true end-to-end encryption.

Get in touch
*Based on the Bleach Level Index

Security Specs

E2E icon
End-to-end Encryption
All your files and messages are encrypted by default. No one else has access.
2SV icon
Two-Step Verification
Verifies your identity at login with a third party authenticator app.
ID icon
Public Key Verification
Helps you confirm the identity of the person you’re communicating with.
GEOL icon
To prevent data loss, we backup your encrypted data in three different locations.
NOK icon
No Knowledge
Even if we’re breached, your information is undecipherable without your key.
ONP icon
On-Prem Hosting (Enterprise option)
We’ll customize to fit your workflow and you keep control of your data on premise.
AUD icon
Independent Audits
Security experts regularly audit us to make sure everything stays safe.
OS icon
Open Source
Anyone can analyze our code.
Code on Github

Technical Overview

Secured with
End-to-End Encryption

Every message and file stored and sent with Peerio is encrypted end-to-end without any need to enable or activate encryption. Our encryption is designed so that group communication across multiple devices is easy, fast, and persistent.

  • Users’ keys are never seen by the server
  • Unique keys are used for each conversation, and re-keyed each time participants change
  • We use state-of-the art, fast encryption primitives from the NaCl cryptographic framework:
    • X25519 for public key agreement over elliptic curves
    • ed25519 for public key signatures
    • XSalsa20 for encryption and confidentiality
    • Poly1305 for ensuring the integrity of encrypted data
    • scrypt for memory-hard key derivation
    • BLAKE2s for various hashing operations

For in-transit encryption, we use Transport Layer Security (TLS) with best-practice cipher suite configuration, HTTP Strict Transport Security (HSTS), and include support for perfect forward secrecy (PFS). You can view a detailed and up-to-date independent review of Peerio’s TLS configuration on SSL Labs.

Privacy Protection

We protect your encrypted data against:

Server compromise.

If our server network is ever compromised, the content of your messages and files will remain inaccessible to any third party, including Peerio and its employees.

Malicious Host.

The Peerio app protects against message forgery, file modification, and artificial read receipts of messages that have not been read.

Man-in-the-middle attacks.

The Peerio app provides means for users to securely authenticate each other’s cryptographic identities (see “Public ID#”).

Unauthorized account access.

We protect a user’s account and identity by using authenication challenges, including a randomly generated 128-bit strength Account Key and optional two-step verification (2SV).

Read more about our privacy policy

Security Transparency

Open source.

Peerio’s client code is open source to provide transparency and strengthen our security through ongoing public review, testing, and evaluation. Our client code is available for review on GitHub.

Security audits.

Our client and server code undergo independent third-party security audits by expert cryptographers and penetration testers at Cure53.

“We actually had our emails hacked before. It got us looking for a tool that's more secure than email, uses groups for discussions, and handles sensitive information. We compared all the tools then we decided to use Peerio. Because with Peerio we trust that the multimillion dollar project we’re working on with a customer is going to stay confidential.

Ernest Yale
Ernest Yale
CEO & Founder, Triotech

We help key leaders, like you, in the battle to protect your most valuable data.