Zero-Knowledge Architecture
At Terminal Ping, we believe that the only truly secure data is data that even we can't access. That's why we built our platform on a zero-knowledge architecture from day one.
When you create a package containing sensitive information—whether it's bank account credentials, investment portfolios, or digital asset keys—that data is encrypted on your device before it ever leaves your browser.
AES-256-GCM Encryption
We use AES-256-GCM (Galois/Counter Mode) for all package encryption. This provides both confidentiality and authenticity, ensuring that your data cannot be read or tampered with.
// Client-side encryption example
const encryptPackage = async (data, password) => {
const key = await deriveKey(password);
const iv = crypto.getRandomValues(new Uint8Array(12));
const encrypted = await crypto.subtle.encrypt(
{ name: 'AES-GCM', iv },
key,
new TextEncoder().encode(data)
);
return { encrypted, iv };
};Key Derivation
Each package is encrypted with a unique encryption key derived from your master password using PBKDF2 with 100,000 iterations. This makes brute-force attacks computationally infeasible.
Your recipients receive their own decryption keys, which are themselves encrypted and only deliverable when your dead man's switch is triggered.
Secure by Default
Security isn't optional at Terminal Ping—it's fundamental to everything we do. From our zero-knowledge architecture to our use of industry-standard encryption, we've built a platform that protects your most sensitive information even from ourselves.