Secure File Transfer (an alternative to emailing files): Overview



Secure File Transfer is an alternative to emailing files. Although you can attach Atakama-encrypted files to emails, you first need to decrypt the file. Secure File Transfer is easier and way more secure. The feature lets Atakama users send files end-to-end encrypted to third parties who do not have Atakama installed. Where most encrypted file transfer methods are cumbersome, insecure, or both, Secure File Transfer is super secure and easy to use. The sender never has to decrypt files and, once sent, only the intended recipient has access to the file on their computer. The file never resides on a server so there is no server to compromise.


The Sender

Files available to send via Secure File Transfer must be Atakama encrypted files. The sender selects the files and is responsible for approving their release. To send a file the user right clicks the file and selects "Export File". This generates a dedicated link for the file(s) being sent. The sender then needs to send the link to the recipient (e.g., email, SMS, Slack, Teams, etc.).  


Once the recipient has accessed the link and had their identity verified the sender is free to release the files. Releasing files is a cryptographic operation that requires the sender to approve a MofNop.


The Recipient

There are no restrictions on who can receive files via Secure File Transfer. An Atakama user can even securely transfer files to other machines they own. For instance, a user can send a sensitive document to their phone for access on the go. In such a case, Secure File Transfer is recommended.


Confirming the identity of the recipient

Secure File Transfer also provides a cryptographically secure mechanism to verify the identity of the recipient. When the recipient clicks the link shared with them by the sender, a browser window opens. The window lists a unique Profile ID that consists of 4 random words. The recipient Profile ID words are also listed on the sender's Secure File Transfer window. The sender is, therefore, able to confirm the recipients identity by asking the recipient to confirm the words. For example, the sender can call the recipient to have them confirm the words.  


The word confirmation step prevents an attacker where the link may have been intercepted. If the sender calls or messages the intended recipient and asks for their words, this attack can be prevented.


Known Limitations

  • Modern browsers required. IE will not work.

  • File size is limited to 25 MB. 



How to use Secure File Transfer 


Step 1

Right-click any file or collection of files protected by Atakama and select Export File.


Step 2

A new window will popup with information about the file(s) with a dedicated link for the recipient. Clicking the link above the list of files will automatically copy the link to the clipboard.


Step 3

Forward the the link to the recipient via preferred communication channel.

Step 4

Recipient should navigate to the provided link, which will launch the following page.




Step 5

Recipient can choose to either generate a key or use a password.  The considerations are presented on the page.

 Step 6

Sender has the option to verify the recipient to ensure they are the intended party. The sender can contact their intended recipient and verify their Profile Id matches the 4 words listed in the sender's Secure File Transfer window.






Step 7

The Start button on sender's Secure File Transfer window turns blue. When sender taps start they then need to approve a MofNop, which releases the file to the recipient to decrypt and download directly in their web browser. 

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.