pCloud Review

pCloud is a secure cloud storage service that permits users to store files online using end-to-end encryption. It is a relatively small service that has only been downloaded 1 million times from the Google Play Store. However, those users have rated it with a 4.4 score, demonstrating that it is generally a well-liked storage provider.

Being based in Switzerland is thought to be good for privacy compared to many other locations, and the fact that this service can be used for free makes it an interesting proposition. So, is this secure storage provider worth your time? And will it keep your data secure?

Our Score
3.25 / 5
Pricing
$3.99/mo - $7.99/mo
Free option
Available
Country
Switzerland
Visit pCloud

Overview

pCloud is an online storage solution that people can use to ensure that their photos, documents, and other important data is not at risk of being lost if their hard drive goes corrupt or they lose their device to theft, loss, or breakage.

pCloud was first launched in 2013 and it is available for all popular platforms via software that you can download to your laptop, desktop, tablet, or smartphone device. It is even available for Linux distros; which is rarer. In addition to locally installed clients, users can opt to use pCloud via an online web client that runs in their browser. 

Subscribers have the option to use the service for free, or via a monthly, yearly, or lifetime subscription plan. Customers can opt to pay via credit or debit cards, Paypal, or Bitcoin transactions. And all subscribers get a 10-day money-back guarantee to test the service risk-free.

Free users get up to 10 GB of free storage with 50 GB of download link traffic per month. However, free users must verify their account to unlock the file-sharing feature and must follow certain steps in order to gain access to the full 10 GB allowance.

very email account

A one month plan starts at $4.99 for 500 GB of storage - or $9.99 per month for two Terabytes of storage. This is not particularly expensive, however, yearly plans better value for money.

Yearly plans can be purchased for $47.88 per year for 500 GB of storage and $95.88 for two Terabytes. Finally, lifetime subscriptions cost $175 for 500 GB and $350 for two Terabytes of storage. 

Extremely good discounts can be found with the Lifetime plans - provided you trust the platform to be around for at least another three and a half years to get your money's worth. We have no reason to believe it won't be around, but with a lack of guarantee, we must emphasize the elemeent of risk involved.

No matter which subscription plan you opt for, the amount of storage space that you get is equal to the amount of data you are permitted to share with contacts via links. However, one thing to bear in mind is that users are restricted in the amount they can upload to their account per month. 

So, while you can store either 500 GB or 2 TB of data in total at any one time (depending on which plan you opt for) - you may also only upload 500 GB or 2TB of data during each month-long period. If you exceed this upload limit - you will need to wait until the next month to upload more data to your storage space. (You can download as much as you want).

This is a reasonable limitation and being able to upload the total sum of allocated space each month is more than enough for most people’s needs. It is also worth noting that the terms of service disallow users from circumventing these upload limits by using a VPN or some other proxy (it tracks uploads from your IP address). 

Finally, pCloud has a rather odd inclusion in its terms of service that states its platform is only available for those over the age of 18. This damages the value of the "family" plan in particular, as this restriction reduces who can use it. We have yet to see the reasoning behind this, but we think it is unusual and potentially unnecessary.

Get pCloud

Features

  • Software for all popular platforms
  • End-to-end encryption (with all paid subscriptions using crypto feature)
  • Sync and backup files from popular third-party cloud storage providers (Dropbox, Facebook, Instagram, OneDrive, Google Drive)
  • Preview documents on the cloud drive
  • Built-in video player for previewing videos directly from storage
  • Built-in audio player with playlists for listening to music directly from your storage
  • Unlimited file size for uploads
  • No upload or download connection speed limitations on any plans (including free users)
  • Shared folders for remote access to files
  • Fair share feature (shared folders use storage only from the sharer’s account)
  • Share upload links via a URL so that friends and contacts can upload files to your account
  • 30-day trash history and file versioning for accessing older versions of files that are accidentally updated
  • Customizable links (customize the title, image, headline, and description)
  • Newly registered subscribers can choose either European or US data centers

Setup

Getting a free or paid account for pCloud is extremely easy, and users get a small amount of storage (2 GB) even if they refuse to verify their email address. This allows users to store data without having to hand over any personal information (though the firm does still track your IP address). 

Once you have signed up for a free pCloud account, you will be encouraged to verify your email address, upload a file, and install the pCloud software locally. Each of those activities will give you more storage space up to a total of 10 GB. To get more space, you will be asked to do things like inviting friends and family, installing the software on mobile and desktop machines, and setting up the mobile version to automatically update your photos and videos. 

Installing the software is easy and there are versions for Windows, macOS, iOS, Android, and Linux.  Users must agree to the Terms of Service in order to install those clients. As a result, users must agree not to use the software to store or share any copyrighted or illegal content. In addition, users must agree to only use the service if encrypted storage is legal where they live. 

Ease of Use

Once the software installs, and you have accepted all the necessary components, you can log in and start using the software to upload data to pCloud drive. The desktop client allows you to avoid any possible vulnerabilities caused by Javascript in the web-based client. As is the case with Dropbox, you can access the files on your cloud drive from a folder within Windows Explorer.

pCloud Drive local storage

To allow contacts or friends to share the contents of folders or individual files, all you need do is right-click on the folder or file from within explorer. Select copy download link and pass that link to your contact. This will allow them to go directly to that file to access it. However, it is worth noting that shared files are never protected with end-to-end encryption. 

share documents from local disk on pCloud

Files protected with end-to-end encryption using the Crypto feature are not sharable, which means that this service is not suitable for securely sharing files with contacts.

It is also worth noting that free users do not get end-to-end encryption, because the Crypto feature is only available with a subscription. Thus, free users’ files are protected server-side, and the firm controls your encryption keys on your behalf. If you want to secure files with end-to-end encryption (for free) you will need to use a different service. And if you want to share files completely securely this service is not suitable at all, you have been warned.

In addition to having pCloud folders that automatically appear in Explorer, users can easily select any other folder on their hard drive to sync with their pCloud account. Doing so means that any changes that occur in that local folder also automatically occur in the cloud.  This setup procedure happens via the pCloud app. 

Sync folder to pCloud

We found sharing files and folders and setting up sync extremely easy, meaning that this software is a good option for beginners. What’s more, the software will prompt you when you create new files in order to automatically back them up if you prefer. For example, if you take a screenshot the software will ask you if you want to save that image to a pCloud folder called screenshots. 

We also liked the ability to preview images and videos directly from the cloud, which means that you do not need to download them in order to view them. 

Because (with free accounts) pCloud retains control of your encryption key; you can recover your account and change your password via an email. Recovering your files will not be possible if you forget the password to your Crypto service; because you control your key yourself and pCloud has zero knowledge of your encryption keys.  

forgot password button

If you do purchase an account, you will need to ensure you set up a unique password that you can remember (by using a password manager, for example). Failure to do so will result in you losing access to all your files (because the firm no longer has the ability to recover access). 

Get pCloud

Privacy

Being based in Switzerland means that users should be able to trust that their data will be kept private. Switzerland does not have mandatory data retention laws, and it is a location where a number of high profile privacy services are based (ProtonMail and VyprVPN, for instance). 

However, it is worth noting that if you use a free account, you do not get end-to-end encryption (e2ee), which means that if pCloud is served a warrant, it could allow the government to access your files. This is also true of any files stored on its servers without the use of the “Crypto” feature. 

 

 

Newcomers will notice the option to choose where their data is stored.

Selecting Europe brings all the benefits of the Luxembourg data center, which is SSAE 16 SOC 2, Type II certified and transfers files via TLS/SSL. Choosing the US places your data in Dallas, Texas, USA, which is pCloud's original, and somewhat worrisome location because of the potential for warrants and gag orders granting the US government access to people’s data. The US is unfortunately the default for existing customers, as pCloud continues to develop a solution for current subscribers to change their data center.

This is far from ideal and means that you will need to continue using the “Crypto” feature to gain proper data privacy (e2ee) if you are using the US data centers. In addition, remember that if you want to share files via a link, you will need to upload them to pCloud servers without the use of the Crypto e2ee. Thus you cannot share files securely using this service.

We checked the privacy policy and found that the firm does collect quite a lot of information about its subscribers. The firm states that it collects your “IP address, browser type and version, operating system, referral source, and device information”. 

In addition, it uses “tracking services” to “collect information about you such as length of visit, page views, and navigation paths, as well as information about the timing, frequency, and pattern of your usage, operating system, device information, behavior, visited pages, etc.” pCloud claims that this data is “anonymous information can not be identified directly with you.” However, in the case of your IP address, this is untrue. 

It is also worth noting that pCloud states that it will comply with requests made by law enforcement “or other third parties pursuant to a subpoena, a court order or other legal process or requirement applicable to pCloud.” 

Free users’ accounts are not protected with end-to-end encryption, and files that you upload to the service without using the Crypto feature can be accessed by the firm; thus your data is not completely private when you use this service for free.

Security

pCloud sends all data to its servers using strong TLS/SSL encryption. We checked the service using Qualys SSL labs and found that it scored an A+, which means that your data should be secure in transit (even if you use a free account with no end-to-end encryption). 

 However, it is worth noting that if you use the browser-based client to upload files you could fall victim to a man-in-the-middle attack caused by a vulnerability in the way browsers handle JavaScript code. To avoid this possible exploit (in which an attacker injects keys on the victim) you should stick to using the stand-alone clients that you can download from its website or app stores (available for all popular platforms). 

pCloud provides AES 256 encryption for all files that are stored at rest. However, it describes its encryption as “unique” which we presume means it is some form of proprietary encryption. Admittedly, the firm claims that the server-side encryption has been tested and verified by the independent third-party cybersecurity firm Mnemonic. However, we have not seen that audit and can’t attest to its veracity.

In addition, pCloud previously offered a $100,000 reward to any ethical hacker that could find an exploit in its server-side encryption. During that bounty hunt, 2860 participant attempted to hack the server-side encryption for six months, and none succeeded. This is certainly encouraging. For added clarity, we asked the firm whether its proprietary encryption had been audited and it told us that:

We underwent the required procedures to prove the quality of our Quality Management and Data Management Systems - ISO 9001 and ISO 27001.

pCloud

However, it is worth noting that because pCloud is not open source, it is impossible for any independent auditors to verify the source code or its “unique” encryption methods. This is far from ideal because it means it is impossible to know with any certainty what the firm is doing with your data. 

Where roll-your-own encryption is concerned we would definitely prefer that it was completely open-source. On the other hand, AES 256 encryption sounds secure to us, and it did withstand hacking attempts from a large number of white-hat bounty hunters. Thus, it really is down to your own personal threat model as to whether you decide to trust pCloud’s at-rest encryption.

To gain true data security using end-to-end encryption users must subscribe to the service and use the “Crypto” feature. This means that on the free plan pCloud employees could theoretically access your files and folders (because the firm retains control over your keys). This is problematic, because it also means that all free accounts are vulnerable to hackers who manage to access those encryption keys. The same is true of any files uploaded without using the “Crypto” feature (e2ee) on a paid account.

Anybody who decides to pay for a subscription plan - and who opts to set up a “Crypto Pass” for their account using the Crypto feature - will be able to access their securely stored private keys. This enables them to start encrypting their data with e2ee. If that password is lost they will lose access to their e2ee files. 

Data encrypted with the Crypto feature is encrypted using AES 256 and is transmitted to its servers using 4096-bit RSA. This is secure. However, because of the closed source nature of the platform - it is impossible to verify whether this end-to-end encryption is actually secure. 

This is always the case with any closed source secure storage providers; which you must trust to do as they say they are. 

Customer service

We contacted pCloud using its ticket-based customer support system and found its agents to be knowledgeable. They always tried hard to clear up points about the service and were able to answer a lot of questions that we had. 

Responses to requests usually came within a day, but it is worth noting that they appear only to come during business hours. However, we did get responses even at the weekend.

The website has an FAQ section that can be found in the footer of any page on its website. The FAQ has answers to lots of important questions about many different aspects of the service including questions relating to the encryption provided by the service. However, the answers are a bit low on actual technical details, which would be useful for judging the efficacy of the security provided by the platform. 

pCloud also provides a Blog which has articles about using pCloud features. This article are well written and are a good resource for learning to get more out of the service.

Conclusion

pCloud is easy to use and its availability for multiple platforms is sure to make it a worthy storage provider for many people. However, for the more paranoid among you, its US-based server center and proprietary encryption may be enough to turn you off.

The fact that the service is closed source is problematic, because it means you can’t be 100% certain about what it is doing with your data. As is always the case, whether pCloud is for you will largely depend on your own personal threat model.

The lack of end-to-end encryption for all uploads means that you aren’t getting complete security 100% of the time. And, because you can’t use the e2ee Crypto feature for files that you intend to share with fellow contacts; this service is not suitable for secure file sharing. 

To be fair on the service, the availability of end-to-end encryption does make it better than some of its mainstream competitors. However, if you are looking for a completely zero-knowledge service with secure sharing; we recommend looking elsewhere. 

On the other hand, if you just want to store files, and aren’t particularly worried about securing everything with e2ee, this service is pretty cool. And it makes sharing files via a link very easy indeed. 

Get pCloud

Written by: Ray Walsh

Digital privacy expert with 5 years experience testing and reviewing VPNs. He's been quoted in The Express, The Times, The Washington Post, The Register, CNET & many more. 

4 Comments

stefanon
on June 12, 2020
Reply
I'm very upset about the pCloud storage. It is my worst spent money. I subscribed to an offer for 2TB space + Crypto yearly plan. They do not advise you at the renewal time and that you'll pay the full price for all the products. I'd liked to switch to a smaller one as I'm using a fraction of the 2TB space. But can be comprehensible, they want your money, also if any other company I've used has more fair user care. But the problems are others. The service is for me really slow for access. I'm on a 200/20Mb/s VDSL in Europe, but my upload to Dallas TX is only 2Mb/s ... I don't think it's something my provider can limit, as the support told me, I'm more inclined to think that their USA server is too far for me living in Italy. Also, download is slow even if speedtest for the location area looks much better, so should be related to their server. They do not advertise storage servers location clearly, as the fact they are Swiss-based. But the worse is other. I contacted support as I'm experiencing errors accessing some files in the Crypto folder. The support confirmed this as a bug with the last couple of versions of the Windows desktop app, still without a solution, so you'll not be sure to get your files back. If you can't rely on getting data back from your cloud service, your service is not only useless but dangerous. I'd better spend my money on another external disk and be happy.
Diego Achio
on April 13, 2020
Reply
If you are thinking about purchasing pCloud, read this first, it’s long but you’ll thank me. I purchased pCloud’s lifetime license + free Crypto folder after reading all positive articles about it available online, thinking it was a great deal. They run permanent offers giving you more storage than other companies plus free Crypto folder for 99 years, usually for a single $300-$400 USD payment. They advertise themselves as the most secure cloud storage service out there, they have this pCloud drive you install in your PC and they advertise it as a “desktop application that creates a secure virtual drive on your computer, which you can use to easily store, access and work with your files in the cloud” and of course, their Crypto Folder which provides the “highest level of file protection in the cloud” and they say it is “as easy as placing a file in a folder” and that “You can choose whether you want your whole profile encrypted or only a part of it.” All of that sounds pretty cool and I gave up my Dropbox account and got pCloud because of it but here’s the truth behind all the advertisement: I did everything the way they told me, I installed the pCloud drive in my PC and laptop, I stored my most important files in my Crypto folder and I used everything as advertised and as intended. After the refund period was over (because they give you a refund period), I tried to open a cashflow I had been working on during the past 6 months but Excel said it was corrupted when I tried to open it. I got in touch with customer service and they were helpless, they just said “what’s in your crypto folder cannot be recovered and maybe it became corrupted because you did something wrong.” At the time I thought so too, “maybe I did something wrong, these things happen”, but something in me felt unsettled, so I went and copied everything in my Crypto folder into my computer’s HDD, a local backup and suddenly it became a nightmare, file after file, impossible to copy “There has been a writing error” it said. I lost 28 files in total, they were corrupted too and it took me 4 days to finish my local backup because the writing error of 1 file wouldn’t allow a full folder to be copied. Now I was sure it wasn’t my mistake, there were files there that I had for cold storing, sensitive files I basically never open I just sent them to my Crypto folder because it had the “highest level of file protection in the cloud” and I did it like they said, “as easy as placing a file in a folder.“ I got in touch with customer service, I was enraged but I tried to be a good customer, I told them about the issue, and I asked them for a refund. I no longer trusted pCloud and I sure was not using it anymore for my important work files. My hopes were getting a refund, deleting my account, and going my way. Regardless of having screenshots and proof of their product corrupting my files, they adopted a position in which they made every possible effort to blame me, I kept counter-replying all their accusations like “maybe you edited the files in the cloud, that’s not secure” and “writing errors can happen, it’s not our fault”. I kept replying and trying to explain and I even got to beg them for a refund. I didn’t want to lose my important files forever PLUS my money. But their policy is not customer satisfaction, their policy is shielding themselves. In the end, I noticed the pattern they adopted against me, for a detailed email I sent, they replied something redundant and trying to make it my fault. In their last email, they replied “pCloud did not fail to provide you with its Business agreement anyhow so the refund request for something which you purchased for free during a promotion is not possible.” So, beware of pCloud. Their promotions look very attractive to the eye and the wallet but if you are thinking about purchasing it for storing important files such as work files, important family pictures or videos that cannot be recovered in case of corruption, I would better stick to other services. I’m not getting my refund nor my lost files, and I won’t be using their products anymore, let them keep my empty lifetime account for 99 years. I rather pay a subscription service elsewhere as long as I feel my important files are safe.
Anton
on February 12, 2020
Reply
I am looking for a more secure Dropbox alternative. I saw in your review that files can be previewed, but in the Android app I just get file icons for PDF and XLS files, no thumbnails like in the Dropbox app. What's even more, PDF files needs to be opened with Google Drive PDF Viewer or Dropbox PDF Viewer, how about that? Can't understand they have not build in a simple PDF viewer them self. I can not open XLS files "could not find application on your device to open this file" I uploaded an XLS file from Google Drive and to my surprise it was converted into a PDF file? Now I was wondering, is there any secure (so with encryption) file storage service that has a mobile app in which I can see the thumbnail and preview the file, just like in Dropbox or Google Drive, or is that something that can't be achieved because of the encryption maybe? Another No-Go for me with pCloud is the inability to select all files at once in a folder, it is incredible that such a simple feature is not implemented.
Kenneth M.
on January 20, 2020
Reply
I am using pCloud and have ordered Crypto for my files, as indeed the other type of encryption is not so secure in terms of GDPR. I think that your review as a whole is based on that space mostly and not on the Crypto, as the Crypto beats anything - they told me they own their servers and with zero-knowledge encryption, the Crypto is better than any other thing ever invented from what I understand. They are also having a new EU data centre, so I would like to check the review based on that after they open it up for new users. Thank you!
Got Something to Say?

Write Your Own Comment

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

  Your comment has been sent to the queue. It will appear shortly.

We recommend you check out one of these alternatives: