Pretty Good Privacy (PGP) is an encryption system that is used both for sending encrypted emails and for encrypting confidential files. The PGP encryption method has established itself in the area of online data exchange, as it protects the transmission of data with a public and a private key.

How does PGP encryption work?

Upvest uses PGP in particular to encrypt files containing very sensitive, vulnerable and confidential data before sending them to or sharing them with clients. The most commonly used algorithm is RSA. Its role in file encryption is to protect the data contained in the files and to verify user authentication in advance.

First, PGP generates a random session key using one of its two (main) algorithms. This key is a large number that cannot be guessed and is only used once.

In the next step, this session key is encrypted using the public key of the intended recipient. The public key is tied to the identity of a specific person, and anyone can use it to send them a message. The sender sends the encrypted PGP session key to the recipient, and the recipient decrypts it using their private key. The recipient can then use this session key to decrypt the actual file, which the sender encrypted with it.

The following diagram illustrates how PGP works:

PGP en-/decryption process
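The session-key flow described above, as an added Python example (not Upvest's code and not part of the original page). It assumes the third-party `cryptography` package and substitutes RSA-OAEP and AES-256-GCM for PGP's own algorithms, so it shows the hybrid scheme only, not the OpenPGP message format; the function names and the sample report are constructed for illustration.

```python
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Assumption for this illustration: RSA-OAEP wraps the session key.
OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()), algorithm=hashes.SHA256(), label=None)


def encrypt_file(data: bytes, recipient_public_key) -> dict:
    """Sender: fresh session key per file, wrapped with the recipient's public key."""
    session_key = AESGCM.generate_key(bit_length=256)  # random, used only once
    nonce = os.urandom(12)
    ciphertext = AESGCM(session_key).encrypt(nonce, data, None)
    wrapped_key = recipient_public_key.encrypt(session_key, OAEP)
    return {"wrapped_key": wrapped_key, "nonce": nonce, "ciphertext": ciphertext}


def decrypt_file(message: dict, recipient_private_key) -> bytes:
    """Recipient: unwrap the session key with the private key, then decrypt the file."""
    session_key = recipient_private_key.decrypt(message["wrapped_key"], OAEP)
    return AESGCM(session_key).decrypt(message["nonce"], message["ciphertext"], None)


def demo() -> dict:
    """Round trip plus two failure modes: wrong private key and modified ciphertext."""
    recipient = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    other = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    report = b"constructed sample report: account=DEMO-001;balance=100.00\n"
    message = encrypt_file(report, recipient.public_key())
    results = {"roundtrip": decrypt_file(message, recipient) == report}
    try:
        decrypt_file(message, other)  # someone who is not the intended recipient
        results["wrong_key_rejected"] = False
    except ValueError:
        results["wrong_key_rejected"] = True
    last = message["ciphertext"][-1] ^ 1  # flip one bit of the encrypted file
    tampered = dict(message, ciphertext=message["ciphertext"][:-1] + bytes([last]))
    try:
        decrypt_file(tampered, recipient)
        results["tamper_detected"] = False
    except InvalidTag:
        results["tamper_detected"] = True
    return results


if __name__ == "__main__":
    print(demo())
```

For real file exchange, use an OpenPGP implementation such as GnuPG rather than this sketch, since the recipient's tooling expects the OpenPGP format.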

Use cases

The main reason for PGP encryption is to ensure the security of your data using a combination of public and private keys. The algorithm used, usually the RSA algorithm, is considered largely unbreakable and is therefore ideal for encrypting files.

There are two main use cases where PGP keys are used with the Investment API:

  • Client credentials issuing: When your access credentials are shared, this data is sent in a PGP-encrypted file.

  • Encryption of files: Reporting files are transmitted in encrypted form using PGP.