End-to-End Encryption Platform
The highest level of security for your data in the cloud
Our End-to-end Encryption (E2EE) Platform is specifically designed for developers who want to easily integrate end-to-end encryption into their Web or Mobile apps.
It allows them to encrypt user data on the client-side, effectively protecting it from third parties such as server administrators, institutions, service providers, or even OVHcloud itself.
The solution handles all the complex cryptography, key exchange, and private key recovery features so developers can focus on their apps. The experience is completely invisible to end users, while delivering state-of-the-art data security to them.
Classical methods are not enough
Most of the time, security engineers focus their efforts on securing an application by creating a secure perimeter around it through measures like Web Application Firewalls (WAFs), Transport Layer Security (TLS), Encryption at Rest, and Privileged Access Management (PAM) on servers, leaving data in clear text on the backend.
If the backend can read the data, so can a hacker, server administrator, institution, or even the service provider.
The Highest Data Security Method
End-to-end encryption is the state-of-the-art technology to ensure data security. The threat model assumes that the application’s infrastructure and operators cannot be fully trusted and therefore must not have access to users’ clear text data.
Encryption is done before sending the data to the backend. The backend no longer have access to the data in clear text. It prevents data from being breached if unauthorized access occurs.
What is End-to-End Encryption?
End-to-end encryption (E2EE) ensures that message content is accessible only for authorized recipient. Neither the system provider nor any third parties can obtain the cryptographic keys required to decrypt or forge messages.
OVHcloud End-to-End Encryption Platform
When building E2EE with an open-source cryptography library, one still needs to choose secure primitives, a robust RNG, implement a secure public key exchange, a private key recovery mechanism, groups management, multi-OS compatibility, …
OVHcloud End-to-End Encryption Platform is built using open-source cryptography libraries, but that's not all... it provides the developer all the features they may want, saving them a lot of time and giving them the assurance that the overall architecture is secure by design.
It is a ready-to-use toolkit, that abstracted away all the cryptographic complexity to let them focus confidently on their product.
Developer-Friendly
OVHcloud End-to-End Encryption Platform is available for web, mobile or desktop applications and most languages.
All the Complexity is on our Side
Import the SDK
Create a free account, retrieve your API keys and import the SDK in your app.
Encrypt
Call sdk.encrypt() on any sensitive data. It is encrypted locally for the authorized users only.
Send
The encrypted data is sent to your backend through your regular API calls.
Store
Your backend stores the end-to-end encrypted data. No one except authorized users can decrypt it.
Need some help?
✉️ You can reach us at support.seald@ovh.net.
FAQ
🔐 What is End-to-End Encryption (E2EE)?
End-to-End Encryption (E2EE) is a security method that ensures data is encrypted directly on the sender’s device before being sent to the backend, and can only be decrypted by authorized recipients. No third party, including the service provider, administrators, or intermediary systems, can access the data in plaintext.
👨💻 What is the purpose of the OVHcloud End-to-End Encryption Platform offering?
OVHcloud’s E2EE Platform offering is designed to help developers easily integrate end-to-end encryption into their web, mobile, or desktop applications without requiring deep cryptography expertise. It automatically handles cryptography, key exchanges, and private key recovery.
📦 How is this solution different from traditional data protection methods?
Traditional security methods (such as TLS, WAF, encryption at rest, etc.) protect the application or the network perimeter, but often leave data in plaintext on the backend. With E2EE, data is encrypted before transmission, preventing any reading or access even if the backend is compromised.
🧠 How does OVHcloud E2EE Platform work?
- Import the SDK into your application after creating an account and retrieving your API keys.
- Encrypt data locally using sdk.encrypt().
- Send the encrypted data to your backend via your usual APIs.
- Store it on the backend: only authorized parties can decrypt it.
📱 Does this solution work on all platforms?
Yes, it is compatible with web, mobile, and desktop applications, and supports most programming languages.
👩🔧 Do I need cryptography skills to use it?
No. One of the strengths of the offering is that it abstracts all cryptographic complexity, allowing developers to use it without specialized cryptography expertise.
🤝 How can I create an account to use this solution?
You can create an account by following the registration link here.
📚 Where can I find the technical documentation?
📨 Where should I send my questions or support requests?
You can contact the support team at: support.seald@ovh.net.
📅 What stage of development is this solution at?
The solution is in Alpha. So far, it is nothing less than the re-branded staging environement of the Seald SDK, but gradually change will come.
🛠️ Does this solution support cryptographic key management?
Yes, the solution includes mechanisms for key management, secure key exchange, and private key recovery, so you don’t have to implement these features yourself.
🤫 Is OVHcloud E2EE Platform compatible with a “zero-knowledge” model?
Yes, with properly implemented end-to-end encryption, OVHcloud never accesses your data.
⚖️ Does using E2EE help me comply with GDPR / regulations?
Yes, by protecting your users’ sensitive data from any unauthorized access, E2EE is a strong lever for meeting privacy and data protection requirements.
-
Alpha
-
Beta
-
General Availability