pCloud is an online storage solution that people can use to ensure that their photos, documents, and other important data are not at risk of being lost if their hard drive goes corrupt or they lose their device to theft, loss, or breakage.
pCloud was first launched in 2013 and it is available for all popular platforms via software that you can download to your laptop, desktop, tablet, or smartphone device. It is even available for Linux distros; which is rare. In addition to locally installed clients, users can opt to use pCloud via an online web client that runs in their browser.
Subscribers have the option to use the service for free, or via a monthly, yearly, or lifetime subscription plan. Customers can opt to pay via credit or debit cards, Paypal, or Bitcoin transactions. And all subscribers get a 10-day money-back guarantee to test the service risk-free.
Free users get up to 10 GB of free storage with 50 GB of download link traffic per month. However, free users must verify their account to unlock the file-sharing feature and must follow certain steps in order to gain access to the full 10 GB allowance.
A one month plan starts at $4.99 for 500 GB of storage – or $9.99 per month for two Terabytes of storage. This is not particularly expensive, however, the yearly plans offer better value for money.
Yearly plans can be purchased for $47.88 per year for 500 GB of storage and $95.88 for two Terabytes. Finally, lifetime subscriptions cost $175 for 500 GB and $350 for two Terabytes of storage.
Extremely good discounts can be found with the Lifetime plans – provided you trust the platform to be around for at least another three and a half years to get your money's worth. We have no reason to believe it won't be around, but with a lack of guarantee, we must emphasize the element of risk involved.
No matter which subscription plan you opt for, the amount of storage space that you get is equal to the amount of data you are permitted to share with contacts via links. However, one thing to bear in mind is that users are restricted in the amount they can upload to their account per month.
So, while you can store either 500 GB or 2 TB of data in total at any one time (depending on which plan you opt for) – you may also only upload 500 GB or 2TB of data during each month-long period. If you exceed this upload limit – you will need to wait until the next month to upload more data to your storage space. (You can download as much as you want).
This is a reasonable limitation and being able to upload the total sum of allocated space each month is more than enough for most people’s needs. It is also worth noting that the terms of service disallow users from circumventing these upload limits by using a VPN or some other proxy (it tracks uploads from your IP address).
Finally, pCloud has a rather odd inclusion in its terms of service that states its platform is only available for those over the age of 18. This damages the value of the "family" plan in particular, as this restriction reduces who can use it. We have yet to see the reasoning behind this, but we think it is unusual and potentially unnecessary.
- Software for all popular platforms
- End-to-end encryption (with all paid subscriptions using crypto feature)
- AES 256 encryption at rest and in transit (even on the free plan)
- Sync and backup files from popular third-party cloud storage providers (Dropbox, Facebook, Instagram, OneDrive, Google Drive)
- Preview documents on the cloud drive
- Built-in video player for previewing videos directly from storage
- Built-in audio player with playlists for listening to music directly from your storage
- Unlimited file size for uploads
- No upload or download connection speed limitations on any plans (including free users)
- Shared folders for remote access to files
- Fair share feature (shared folders use storage only from the sharer’s account)
- Share upload links via a URL so that friends and contacts can upload files to your account
- 30-day trash history and file versioning for accessing older versions of files that are accidentally updated
- Customizable links (customize the title, image, headline, and description)
- Newly registered subscribers can choose either European or US data centers
Getting a free or paid account for pCloud is extremely easy, and users get a small amount of storage (2 GB) even if they refuse to verify their email address. This allows users to store data without having to hand over any personal information (though the firm does still track your IP address).
Once you have signed up for a free pCloud account, you will be encouraged to verify your email address, upload a file, and install the pCloud software locally. Each of those activities will give you more storage space up to a total of 10 GB. To get more space, you will be asked to do things like inviting friends and family, installing the software on mobile and desktop machines, and setting up the mobile version to update your photos and videos automatically.
Installing the software is easy and there are versions for Windows, macOS, iOS, Android, and Linux. Users must agree to the Terms of Service in order to install those clients. As a result, users must agree not to use the software to store or share any copyrighted or illegal content. In addition, users must agree to only use the service if encrypted storage is legal where they live.
Ease of Use
To allow contacts or friends to share the contents of folders or individual files, all you need do is right-click on the folder or file from within explorer. Select copy download link and pass that link to your contact. This will allow them to go directly to that file to access it. However, it is worth noting that shared files are never protected with end-to-end encryption.
Files protected with end-to-end encryption using the Crypto feature are not sharable, which means that this service is not suitable for securely sharing files with contacts.
It is also worth noting that free users do not get end-to-end encryption, because the Crypto feature is only available with a subscription. Thus, free users’ files are protected server-side, and the firm controls your encryption keys on your behalf. If you want to secure files with end-to-end encryption (for free) you will need to use a different service. And if you want to share files completely securely, this service is not suitable at all, you have been warned.
In addition to having pCloud folders that automatically appear in Explorer, users can easily select any other folder on their hard drive to sync with their pCloud account. Doing so means that any changes that occur in that local folder also automatically occur in the cloud. This setup procedure happens via the pCloud app.
We found sharing files and folders and setting up sync extremely easy, meaning that this software is a good option for beginners. What’s more, the software will prompt you when you create new files in order to back them up automatically, if you prefer. For example, if you take a screenshot, the software will ask you if you want to save that image to a pCloud folder called screenshots.
We also liked the ability to preview images and videos directly from the cloud, so you do not need to download them in order to view them.
Because (with free accounts) pCloud retains control of your encryption key; you can recover your account and change your password via an email. Recovering your files will not be possible if you forget the password to a paid account that makes use of the Crypto feature. This is because key control is given to the user, and pCloud has zero-knowledge of your encryption keys.
If you do purchase an account, you will need to ensure you set up a unique password that you can remember (by using a password manager, for example). Failure to do so will result in you losing access to all your files (because the firm no longer has the ability to recover access).
Being based in Switzerland means that users should be able to trust that their data will be kept private. Switzerland does not have mandatory data retention laws, and it is a location where a number of high-profile privacy services are based (ProtonMail and VyprVPN, for instance).
However, it is worth noting that if you use a free account, you do not get end-to-end encryption (E2EE), so if pCloud is served a warrant, it could allow the government to access your files. This is also true of any files stored on its servers without the use of the “Crypto” feature.
Newcomers will notice the option to choose where their data is stored.
Selecting Europe brings all the benefits of the Luxembourg data center, which is SSAE 16 SOC 2, Type II certified, and transfers files via TLS/SSL. Choosing the US places your data in Dallas, Texas, USA, which is pCloud's original, and somewhat worrisome location because of the potential for warrants and gag orders granting the US government access to people’s data. The US is, unfortunately, the default for existing customers, as pCloud continues to develop a solution for current subscribers to change their data center.
This is far from ideal and means that you will need to use the “Crypto” feature to gain proper data privacy (E2EE) if you are using the US data centers. In addition, remember that if you want to share files via a link, you will need to upload them to pCloud servers without the use of the Crypto E2EE. Thus you cannot share files securely using this service.
In addition, it uses “tracking services” to “collect information about you such as length of visit, page views, and navigation paths, as well as information about the timing, frequency, and pattern of your usage, operating system, device information, behavior, visited pages, etc.” pCloud claims that this data is “anonymous information can not be identified directly with you.” However, in the case of your IP address, this is untrue.
It is also worth noting that pCloud states that it will comply with requests made by law enforcement “or other third parties pursuant to a subpoena, a court order or other legal process or requirement applicable to pCloud.”
Free users’ accounts are not protected with end-to-end encryption, and files that you upload to the service without using the Crypto feature can be accessed by the firm; thus your data is not completely private when you use this service for free.
pCloud sends all data to its servers using strong TLS/SSL encryption. We checked the service using Qualys SSL labs and found that it scored an A+, which means that your data should be secure in transit (even if you use a free account with no end-to-end encryption).
pCloud provides AES 256 encryption to secure all files in transit and at rest. However, it describes that encryption as “unique” (which we presume means it is some form of proprietary encryption that leverages an AES 256 cipher). The firm claims that the server-side encryption has been tested and verified by the independent third-party cybersecurity firm Mnemonic. Admittedly, we have not seen the results of that audit, and we can’t attest to its veracity. However, it should mean that the service is secure, and it is always good when a closed source platform has been through an independent third party audit).
In addition, pCloud previously offered a $100,000 reward to any ethical hacker that could find an exploit in its server-side encryption. During that bounty hunt, 2860 participants attempted to hack the server-side encryption for six months, and none succeeded. This is highly encouraging. For added clarity, we asked the firm whether its proprietary encryption had been audited and it told us that:
We underwent the required procedures to prove the quality of our Quality Management and Data Management Systems – ISO 9001 and ISO 27001.
This is good, and goes a long way in making up for the fact that pCloud is closed-source, and cannot be verified by any independent auditors to ascertain the security of its source code or “unique” encryption methods.
Where roll-your-own encryption is concerned we would prefer that it was completely open-source. On the other hand, AES 256 encryption sounds secure to us, and it did withstand hacking attempts from numerous white-hat bounty hunters. Thus, it really is down to your own personal threat model as to whether you decide to trust pCloud’s at-rest encryption.
To gain true data security with end-to-end encryption users must subscribe to the service and use the “Crypto” feature. As a result, anybody using the free plan could theoretically have their data accessed by pCloud employees (because the firm retains control over your keys server-side). This is problematic, because it means that all free accounts are vulnerable to hackers (if they manage to hack into and steal those server-side encryption keys). The same is true of any files uploaded without using the “Crypto” feature (E2EE) on a paid account.
Anybody who decides to pay for a subscription plan – and who opts to set up a “Crypto Pass” for their account using the Crypto feature – will be able to access and use private keys to start encrypting their data with E2EE. However, if that password is lost, they will lose access to their E2EE files for good.
Data encrypted with the Crypto feature is encrypted using AES 256 and is transmitted to its servers using 4096-bit RSA. This is secure. However, as previously mentioned because of the closed source nature of the platform – it is impossible for us to verify whether this end-to-end encryption is secure.
This is always the case with any closed source secure storage providers; which you must trust to do as they say they are.
We contacted pCloud using its ticket-based customer support system and found its agents to be knowledgeable. They always tried hard to clear up points about the service and were able to answer a lot of questions that we had.
Responses to requests usually came within a day, but it is worth noting that they appear only to come during business hours. However, we did get responses even at the weekend.
The website has an FAQ section that can be found in the footer of any page on its website. The FAQ has answers to lots of important questions about many aspects of the service, including questions relating to the encryption provided by the service. However, the answers are a bit low on actual technical details, which would be useful for judging the efficacy of the security provided by the platform.
pCloud also provides a Blog which has articles about using pCloud features. These articles are well written and are a good resource for learning to get more out of the service.
pCloud is easy to use and its availability for multiple platforms is sure to make it a worthy storage provider for many people. However, for the more paranoid among you, its US-based server center and proprietary encryption may be enough to turn you off.
The fact that the service is closed-source is problematic because it means you can’t be 100% certain about what it is doing with your data. As is always the case, whether pCloud is for you will largely depend on your own personal threat model.
The lack of end-to-end encryption for all uploads means that you aren’t getting complete security 100% of the time. And, because you can’t use the E2EE Crypto feature for files that you intend to share with fellow contacts; this service is not suitable for secure file sharing.
To be fair on the service, the availability of end-to-end encryption makes it better than some of its mainstream competitors. However, if you are looking for a completely zero-knowledge service with secure sharing; we recommend looking elsewhere.
On the other hand, if you just want to store files online securely and aren’t particularly worried about E2EE – then this service is definitely worth considering (and seems suitable for 99% of people's needs). Plus, it makes sharing files via a link extremely easy!