Product Update: Encrypted Cloud Backup Comes to Pro Max

Privacy-first storage has always carried a quiet tension: your data is safest on your device, yet devices are lost, stolen, dropped in water, and run over by cars. Until now, Veilo users faced a genuine trade-off — fortress-grade on-device encryption, but no safety net if the device itself disappeared. Today, that trade-off ends. Zero-knowledge encrypted cloud backup is now available on Veilo Pro Max, bringing durable, cross-device recoverability to your encrypted vault without ever exposing your key or your plaintext to our servers.

What's Launching: Encrypted Cloud Backup for Pro Max

Pro Max subscribers can now enable cloud backup from Settings → Backup & Recovery. When enabled, your vault is encrypted on your device — using the same AES-256 key derived from your PIN or passphrase — and the resulting ciphertext is uploaded to Veilo's secure cloud infrastructure. Your key never leaves your device. Veilo's servers receive an encrypted blob they cannot read and have no mechanism to decrypt.

Backup runs automatically in the background when your device is on Wi-Fi and charging, ensuring your vault stays current without requiring manual intervention. The full backup history is retained for 30 days, allowing point-in-time recovery if a recent backup contains a problem.

This feature is exclusive to Pro Max because of the infrastructure cost of storing encrypted data at scale. Pro and free-tier users retain all existing on-device protections and are encouraged to use Trusted Contacts for key recovery.

---

What Zero-Knowledge Actually Means

"Zero-knowledge" has become a marketing term used loosely across the industry, so it is worth being precise about what it means in Veilo's architecture — and what it does not mean.

In the strict cryptographic sense, a zero-knowledge proof allows one party to prove to another that they know something without revealing what that something is. In the cloud storage context, "zero-knowledge" has come to mean something slightly different but equally important: the service provider holds data but has zero ability to read it, because the encryption and decryption happen entirely client-side, using keys the provider never possesses.

For Veilo Pro Max cloud backup, zero-knowledge means:

• Encryption occurs on your device before any data is transmitted
• The encryption key is derived from your PIN/passphrase using a memory-hard key derivation function (Argon2id), never transmitted
• What is uploaded to Veilo's servers is AES-256-GCM ciphertext with authentication tags — mathematically indistinguishable from random bytes without the key
• Veilo employees cannot access your vault contents, even with full access to the server infrastructure
• A complete server breach yields only encrypted ciphertext — valuable to no one without the key

What zero-knowledge does not mean in this context: it does not mean Veilo has zero knowledge of your account's existence, your backup size, or your usage metadata. Those operational facts are necessarily known to provide the service. The zero-knowledge property applies specifically to your vault's contents.

Comparison: Cloud Backup Models

Model	Who holds key	Server breach impact	Provider can read?
Unencrypted cloud (e.g., default iCloud Photos)	Provider	All data exposed in plaintext	Yes
Encrypted in transit only	Provider	Data exposed if keys stored server-side	Yes
Client-side encrypted, key with provider	Provider	Breach + key store compromise = exposure	Technically yes
Zero-knowledge (Veilo Pro Max)	You only	Breach yields useless ciphertext	No

The distinction between the third and fourth rows is often glossed over. Many services encrypt your data and claim it is "secure," but store the encryption key (or a key-wrapping key) server-side for convenience, allowing password resets and administrative access. In a server breach or under legal compulsion, that architecture can be defeated. Zero-knowledge eliminates this entire attack surface.

The Technical Architecture: How Backup Works

Understanding the mechanics helps you make informed decisions about your security posture.

Key Derivation

Your vault key is never stored directly. It is derived each time from your PIN or passphrase using Argon2id, the winner of the 2015 Password Hashing Competition. Argon2id is deliberately memory-hard and compute-intensive, making brute-force attacks on the PIN extremely expensive even if an attacker obtains the encrypted backup. The derivation parameters (memory cost, iteration count, parallelism) are tuned to take approximately 500ms on a modern mobile device — fast enough to be unnoticeable to users, slow enough to make automated cracking impractical.

Key Derivation Flow:
  PIN/passphrase + device-specific salt
      → Argon2id (memory-hard, ~500ms)
      → 256-bit vault key

Backup Encryption:
  Vault contents (files + metadata)
      → AES-256-GCM with vault key
      → Authenticated ciphertext + 128-bit auth tag
      → Chunked, compressed, uploaded to Veilo servers

The salt used in key derivation is device-specific and stored locally. This means the same PIN used on two different devices would derive different keys — a feature, not a bug, as it prevents cross-device brute-force attacks using rainbow tables.

Authenticated Encryption

Veilo uses AES-256-GCM (Galois/Counter Mode) rather than unauthenticated AES. This matters because GCM provides both confidentiality (the ciphertext reveals nothing about the plaintext) and authentication (tampering with the ciphertext is detected). If a server-side attacker modifies your backup, your device will detect the authentication tag mismatch and refuse to restore from the corrupted data. This protects against both passive eavesdropping and active manipulation attacks.

Chunked Upload and Deduplication

Large vaults are split into chunks before encryption. Each chunk is independently encrypted with a derived key, allowing incremental backups (only changed chunks are re-uploaded after the initial backup) while maintaining security. Chunk-level deduplication operates on encrypted chunks — Veilo's servers cannot perform content-based deduplication (which would require reading plaintext) but can avoid re-uploading identical encrypted chunks from the same device.

The Threat Model: Who Does This Protect Against?

Threat modeling — defining who your adversary is and what they can do — is the only honest way to evaluate a security feature.

Veilo Pro Max cloud backup protects against:

• Server-side breach: An attacker who gains access to Veilo's cloud infrastructure sees only encrypted ciphertext. Without your PIN and the device-specific salt, the data is useless.
• Rogue employees: Veilo staff with infrastructure access cannot read your vault contents. The architecture prevents it, not just policy.
• Legal compulsion of Veilo: Courts or government agencies demanding your data from Veilo receive encrypted ciphertext that cannot be decrypted without your key. Veilo cannot provide what it does not have.
• Device loss or theft: Your vault survives device loss and can be restored on a new device through the recovery flow.

Veilo Pro Max cloud backup does not protect against:

• Compromise of your PIN: If an adversary learns your PIN and obtains your backup (or a new device enrolled in your account), they can decrypt it. Choose a strong PIN or passphrase.
• Compromise of your Veilo account credentials: Account access is gate-kept by your Veilo account password and optionally two-factor authentication. Enable 2FA.
• Physical access to an unlocked device: If your device is powered on, unlocked, and an adversary has it, the vault key is in memory. Cloud backup does not help here — that is a device security problem.
• Advanced persistent threats with device access: Nation-state adversaries with persistent access to your device before encryption occurs are outside the threat model of any consumer application.

This is an honest accounting. Every security system has a threat model, and being explicit about boundaries is more useful than broad claims.

The Cross-Device Restore Flow

Restoring your vault to a new device is the moment that matters — and it needs to be both secure and practical.

Restore Flow:
1. Install Veilo on new device
2. Log in to your Veilo account
3. Select "Restore from backup"
4. Enter your vault PIN or passphrase
5. Device derives vault key using Argon2id + stored salt (retrieved from account)
6. Downloads encrypted backup chunks from Veilo servers
7. Decrypts and verifies authentication tags locally
8. Vault contents restored — files, metadata, and vault settings

A few important notes:

The PIN must be correct: The restore depends on your PIN to derive the key. There is no "forgot PIN" option that bypasses encryption — that would defeat the entire model. This is why pairing cloud backup with Trusted Contacts is strongly recommended: Trusted Contacts provides a cryptographic path to key recovery if you forget your PIN, while cloud backup provides a copy of the encrypted vault. Together, they cover the full recovery scenario.

Salt retrieval: The device-specific salt used in key derivation is stored in your Veilo account (not your device), encrypted separately, to enable cross-device restore. This means the salt is accessible to Veilo servers — but the salt alone cannot decrypt your vault; it is only one input to the key derivation function. Without your PIN, the salt is useless.

Verification before deletion: When you restore to a new device, Veilo asks you to verify the restored vault looks correct before you proceed. Do not factory reset or wipe the old device until you have confirmed the restore is complete and accurate.

Pairing Cloud Backup with Trusted Contacts

Cloud backup and Trusted Contacts solve complementary problems:

Scenario	Cloud Backup	Trusted Contacts
Device lost/destroyed	✅ Vault data survives	❌ Does not help alone
Forgotten PIN	❌ Cannot decrypt without key	✅ Reconstruct key from shares
Device lost AND PIN forgotten	✅ + ✅ Together solve it	✅ + ✅ Together solve it
Account compromised	❌ Attacker still can't decrypt	❌ Depends on approval flow

The recommended recovery architecture for Pro Max users is to enable both:

1. Cloud backup ensures a copy of your encrypted vault is always available
2. Trusted Contacts ensures that even if you forget your PIN, the key can be reconstructed

With both in place, the only irrecoverable scenario is forgetting your PIN and having insufficient trusted contacts available and losing your device — a cascade of simultaneous failures that represents genuine, unavoidable loss. This is the honest limit of a zero-knowledge system.

Best Practices for Pro Max Backup Security

Use a strong, memorable passphrase: Your PIN is the single most important secret in the system. A random 6-word passphrase from the EFF wordlist provides approximately 77 bits of entropy — far stronger than any numeric PIN, and memorable through a mental image or story.

Enable two-factor authentication on your Veilo account: Your account credentials gate access to your encrypted backup. A strong account password plus an authenticator app (not SMS) is the minimum. A hardware security key is better.

Confirm backup status regularly: Check Settings → Backup & Recovery monthly to verify backups are completing. A backup that has not run in weeks due to a permissions change or storage issue is no backup at all.

Verify the restore flow before you need it: If you have access to a second device (even temporarily), run a restore dry-run to confirm the process works and you remember your PIN correctly. Discovering a problem during an emergency is the worst time.

Keep trusted contacts current: If your contacts change (new phone number, different relationship, deceased), update your Trusted Contacts configuration promptly. An outdated contact list may be unavailable when needed.

Understand backup timing: Backup runs on Wi-Fi while charging. If you are traveling for extended periods without meeting those conditions, back up manually before departure via Settings → Backup & Recovery → Back Up Now.

Roadmap: What's Coming Next

The launch of cloud backup is the foundation for a set of features in active development:

• Selective backup: Choose which vault folders are included in cloud backup, for users who want to exclude certain categories from cloud storage entirely
• Multi-device sync: Beyond recovery, synchronize vault contents across multiple owned devices in near-real-time (coming later this year)
• Backup export: Export an encrypted backup archive to your own storage (S3-compatible, local NAS) for users who want to control the storage layer entirely
• Backup health notifications: Proactive alerts when a backup has not completed within a user-defined window

Each of these features will maintain the zero-knowledge property: whatever enhancements we add, the fundamental rule — that your key never leaves your device — is not negotiable.

Frequently Asked Questions

Does enabling cloud backup weaken my privacy?

No. The zero-knowledge architecture ensures that what is stored on Veilo's servers is AES-256-GCM ciphertext that cannot be read without your PIN-derived key. Compared to not having backup, you gain recoverability without sacrificing the privacy guarantee that defines Veilo's model. The risk profile that changes is: your encrypted data now exists in two places (device and cloud) rather than one. If anything, this reduces the risk of permanent data loss.

What happens if Veilo goes out of business?

This is a legitimate question for any cloud-dependent service. Veilo's backup format is documented, using standard AES-256-GCM encryption with Argon2id key derivation. If Veilo ever ceased operations, we would provide a migration period and open-source the backup decryption tool so that users could retrieve their data independently. The encryption format is not proprietary — it is standard cryptography.

Can I use cloud backup without Trusted Contacts?

Yes, but you are accepting higher risk. Cloud backup requires your PIN to restore — if you forget your PIN, you cannot decrypt the backup without the Trusted Contacts key recovery path. Many Pro Max users use both, and we strongly recommend the combination.

How much storage is included in Pro Max?

Current Pro Max plans include substantial encrypted backup storage — see the current plan details on the Veilo website. Backup size depends on your vault contents. Veilo stores compressed, encrypted data, so actual storage used may be less than your raw file sizes.

Is the backup encrypted before it leaves my device or at Veilo's servers?

Before it leaves your device. This is the core of zero-knowledge design. Encryption happens locally, using a key that exists only on your device. The network transmission and server storage see only ciphertext. There is no step where plaintext exists outside your device.

Can I delete my cloud backup and what happens then?

Yes. You can delete your cloud backup from Settings → Backup & Recovery → Manage Backup → Delete All Backups. Deletion is permanent and irreversible. After deletion, your vault data exists only on your device. Veilo's servers retain no copies after deletion — there is no "30-day deleted bin" for backup data.

Conclusion

Zero-knowledge encrypted cloud backup for Pro Max is more than a convenience feature — it closes the last meaningful gap in Veilo's protection model. Until now, users had to choose between the strongest on-device privacy and the peace of mind of knowing their data would survive device loss. That choice no longer exists.

The architecture is uncompromising: client-side AES-256-GCM encryption with Argon2id key derivation, zero server-side key custody, authenticated encryption that detects tampering, and a restore flow that requires your key at every step. The server breach threat, the rogue-employee threat, and the legal compulsion threat are all addressed by the same mechanism: Veilo never has the key.

Paired with Trusted Contacts for key recovery and strong account security hygiene, Pro Max cloud backup gives you the full picture — a vault that is cryptographically sealed, recoverable under the conditions you define, and resilient against both loss and compromise.

Upgrade to Veilo Pro Max to enable cloud backup today. For users on Free or Pro plans, Trusted Contacts remains available and is the recommended key recovery mechanism while you evaluate an upgrade.