Secure File Transfer

This is how the data is being transferred from the lender to Qlarifi and back.

Data Encryption

Before sending any data file, you will need to encrypt the file with a GPG key, using RSA (sign+encrypt) with a 4096-bit-key.

See Annex E for detailed instructions on how to encrypt files using GPG.

Data Transfer

Qlarifi will provide a SFTP address where the encrypted files can be sent. This address will be unique to each lender. The SFTP will only be open for a specific period of time agreed upon. Access is granted to specific individuals only and should not be shared with anyone, even within the company. SSH key will be shared through a temporary 1Password secure link.

Alternatively, we could use a third party service such as https://trebuchet.me (recommended by the UK government).

Data Encryption​

Data Transfer​

Data Encryption

Data Transfer