If you store your files in the cloud but don't want to give up your privacy, there's a solution that puts control in the palm of your hand: Cryptomator for Android. This app encrypts your data on the device itself and allows you to upload it protected. for fire favorite storage service.
The idea is simple: you create a vault, choose a password, and work with your files as usual, but with an added layer of security. The content and even the file names travel encrypted, and you decide where to store them, either in the cloud or on your phone's local storage.
What is Cryptomator on Android and why use it?
Cryptomator is a client-side encryption tool designed to protect your data before it leaves your phone. You have the key to your data, not the cloud provider or third parties, which dramatically reduces the risk of unauthorized access.
Its basic principle is simplicity: without extra accounts or strange configurations, you start by creating a vault and assigning it a password. You can even unlock your vaults with your fingerprint., streamlining daily life without losing security.
Another advantage is platform independence. Access your vaults from mobile phones and computers, maintaining a consistent workflow across all your major devices.
Highlighted features on Android
Ease of use by flag. You create a vault and that's it.: No need to register another account or touch a command console. Plus, biometric unlocking integrates well with Android.
Broad compatibility with cloud services. In its full version, it supports Dropbox, Google Drive, OneDrive, and S3 and WebDAV-based services. You can also work on the device's local storage, which is useful if you sync with third-party apps.
Top-notch security. Content and file names are encrypted with AES-256, and the vault password is protected with scrypt to harden brute force attacks.
Safe behavior by default. Vaults are automatically locked when the app is sent to the background., reducing exposure if you leave your phone unattended.
Technical transparency. As an open source project, Its cryptographic implementation is publicly documented and the code can be audited by anyone.
Recognitions. The project received the CeBIT Innovation Award 2016 for security and privacy-oriented usability. It's an award-winning solution used by hundreds of thousands of people..
Where to download Cryptomator on Android: official channels
Today you can get the app through various channels, each with its own unique features. These are the main roads To install Cryptomator on your mobile:
- Google Play
- Cryptomator official website
- Cryptomator F‑Droid Repository
- F‑Droid Main Repository
- Accrescent
- Compiling from source using Gradle
Please note that depending on the channel, You can find variants with different integrationsSpecifically, there are builds on F‑Droid with limitations that we detail below.
Important licensing note: Some distributions require a key for activation. You can get the license key at https://cryptomator.org/android/.
F-Droid: repositories, installation and differences
If you prefer F‑Droid, you have two sources: the Cryptomator's own repository and the main F-Droid repositoryFrom your mobile device, you can open the repo link or scan a QR code to easily add it. If you want to do without Google services, see the guide on how to do this. Use Android without a Google account.
There are restrictions on dependencies and API keys in F‑Droid builds. Some builds exclude Google Drive due to proprietary dependencies. and Dropbox, Google Drive, OneDrive, and pCloud for requiring API keys that are not distributed with the app.
About direct APK download: Although you can download and install APKs manually from F‑Droid, You won't receive update notifications and it's less secure. It is recommended to install and use the official F‑Droid client to stay up to date.
Requirements and sizes: There are versions that require Android 8.0 or higher, with packages of ~15–18 MiB. F-Droid signs APKs and offers build logging and PGP signing for verification.
Compatibility differences between editions
Cryptomator Full Edition for Android supports popular providers: Dropbox, Google Drive, OneDrive, in addition to S3 and WebDAV-based services. This gives you the flexibility to use your usual cloud.
In certain F‑Droid builds, for reasons already discussed, Dropbox, Google Drive, OneDrive, and pCloud are not available..
Regardless of the channel, You can create vaults in Android local storage, which is useful if you manage syncing with external apps or if you don't want to touch the cloud.
Fingerprint unlock works when the device allows it, facilitating quick access to your vaults without typing the password every time.
Security and Privacy: How Your Data Is Protected
Cryptomator encrypts both file content and file names using AES with a 256-bit key length. This prevents obvious metadata leaks., not just the content itself.
The vault password is derived and protected with scrypt, a feature designed to strengthen resistance against brute force attacks, increasing the cost of mass attempts.
To reduce the risk of carelessnessVaults lock automatically when the app goes into the background. So if you switch apps or leave your phone, your vault won't be unlocked.
The cryptographic implementation is public and the code base is open, allowing independent audits and provides visibility into how encryption works internally.
What's new in version 1.11.1
One of the latest featured releases includes significant improvements and fixes. Cryptomator Hub now receives the device ID when retrieving the vault key, which improves traceability in that flow.
A potential crash when handling very large files and exporting large folders has also been fixed. Stability with heavy content wins with these settings.
Build from source and verify builds
If you want to build the app yourself, you'll need a suitable development environment. Prerequisites include Git, JDK 17, and Gradle.
Before connecting to some providers, you'll need to set up environment variables with your keys. For Dropbox, OneDrive and pCloud names such as:
- Release Build:
DROPBOX_API_KEY,ONEDRIVE_API_KEYyONEDRIVE_API_REDIRCT_URIoPCLOUD_CLIENT_ID - Debug build:
DROPBOX_API_KEY_DEBUG,ONEDRIVE_API_KEY_DEBUGyONEDRIVE_API_REDIRCT_URI_DEBUGoPCLOUD_CLIENT_ID_DEBUG
For Google Drive, You must create a project on Google Cloud Platform with the Drive API, credentials with the relevant scopes (read, write, delete, etc.) and the fingerprint of the key with which you will compile the app.
There is a Docker workflow to verify the “lite” flavor build. The process is summarized in cloning, choosing the label and building the image, then compile the APK inside the container and compare:
# 1) Clona el repositorio y ve a la etiqueta deseada (por ejemplo, 1.8.0)
# 2) En buildsystem/, construye la imagen Docker:
docker build -t cryptomator-android .
# 3) En la raíz del proyecto, compila la variante lite release:
docker run --rm -u $(id -u):$(id -g) -v $(pwd):/project -w /project \
cryptomator-android ./gradlew clean assembleLiteRelease
# 4) Compara el APK generado con el de la release, por ejemplo:
apksigcopier compare --unsigned apk1 apk2
Published APKs are signed with a certificate whose SHA-256 fingerprint is: f7c3ec3b0d588d3cb52983e9eb1a7421c93d4339a286398e71d7b651e8d8ecdd. You can verify the signature with apksigner verify --print-certs Cryptomator.apk.
If you're going to contribute, please review the contribution guidelines and code style. It is recommended to apply reformat with import optimization and reordering before opening a PR; in Android Studio, you can automate this with a macro upon saving.
The project maintains a Code of Conduct for an open and inclusive community. Respect it if you report bugs, translate or contribute code..
Licensing: The software is released under GPLv3 for FOSS projects and also under a commercial license for ISVs and distributors. If you need different conditions, please contact project support..
Installation and update recommendations
If you value automatic updates and verification, it's best to use Google Play or the F‑Droid client with the corresponding repository. Manually installing APKs is less secure and does not notify you of new versions..
In F‑Droid, note the minimum Android version requirement (8.0 or higher on many builds) and the binary size. Also check the PGP signature and build log. if you want maximum traceability.
Remember that vendor compatibility may vary depending on the source. If you depend on Google Drive, Dropbox or OneDrive, be sure to use the edition that integrates them.
How it is used in everyday life
The basic flow is straightforward: open the app, create a vault, and choose a strong password. From there, you save or move files within that vault., which will be what you sync with your cloud.
If your phone allows it, activate biometric access so you don't have to enter your password every time. Automatic locking when the app goes into the background has your back. against carelessness.
For clouds not supported on certain builds, rely on WebDAV or S3 if your provider allows it. Another option is to use third-party synchronization with local storage to keep the vault up to date.
Community, networks and privacy on the web
The project has an active community where you can answer questions, share flows, and learn tricks. You can follow the Mastodon channel at @cryptomator@mastodon.online and the Facebook profile on /Cryptomator.
When browsing third-party threads and resources, please remember that some platforms have their own data policies. For example, Reddit and its partners use cookies and similar technologies to provide and maintain the service, improve its quality, personalize content and ads, and measure advertising effectiveness.
In that context, you can accept all cookies or reject non-essential cookies, although Some technical cookies will continue to be used to ensure functionality. See their Cookie Notice and Privacy Policy for more information.
Beyond Android: Cross-Platform
Cryptomator is an ecosystem that also covers the desktop, so you can open your vaults on Windows, macOS, or Linux. This facilitates a seamless flow between mobile and computer., without changing tools for each environment.
For reference, the Windows channel reports version 1.17.1 with its corresponding changelog. The coexistence of mobile and desktop versions is key to maintain encryption consistency across your environment.
If you're concerned about protecting personal or professional data in the cloud and want an open, audited, and convenient solution, Cryptomator on Android fits the bill: AES‑256 encryption with protected filenames, Keys under your control, verifiable builds, and installation options for every taste, from official stores to F-Droid and its own compilation. With broad compatibility (or limited compatibility in certain variants if API keys are missing), automatic locking, and biometric support, it's a mature, award-winning tool with an active community that lets you protect your files without complicating your life.
