Encryption in Transit
All connections to Compress.FAST use TLS 1.3, the latest and most secure version of the Transport Layer Security protocol. Your files are encrypted the moment they leave your browser.
We enforce HTTPS across all endpoints—there's no way to upload or download files over an unencrypted connection. HSTS headers ensure your browser never accidentally downgrades to HTTP.
Encryption at Rest
Once your file arrives at our servers, it's encrypted using AES-256 before being written to disk. AES-256 is the same encryption standard used by governments and financial institutions for top-secret data.
Encryption keys are managed using ASP.NET Core Data Protection, with keys stored securely and rotated regularly. Even if someone gained physical access to our storage drives, they couldn't read your files without the encryption keys.
Decryption During Processing
Files are decrypted only in memory, only for the brief moment needed to compress them. The decrypted data never touches disk—it exists only in RAM during processing.
After compression completes, the output is encrypted with AES-256 before being written to storage. The decrypted data in memory is overwritten and garbage collected.
No Third-Party Access
We don't use third-party APIs or cloud services to process your files. All compression happens on our own infrastructure. Your files are never sent to external services—encrypted or otherwise.
This eliminates supply chain risks and ensures your files never leave our control during processing.
Download Encryption
When you download your compressed files, they're decrypted in memory and streamed back over TLS 1.3. The same encryption protections apply in both directions.
Download links are time-limited and tied to your session. They can't be shared or accessed by others.