Security at Aircloak

At Aircloak, security is not just a feature – it is in our DNA.

As the leading provider of data anonymization solutions, the privacy of your customer data is our top priority. This is not just marketing for us – we really live it.

In order to address various shortcomings in the field of data anonymization, such as missing certifications by Data Protection Authorities or no generally applicable standards, we have launched various features, measures and projects.

Aircloak Attack Challenge

We launched and operated the world’s first bug bounty for anonymized data re-identification. A community of leading privacy researchers from Universities such as the MIT, UCL, EPFL are working hard to make sure that Aircloak stays the most secure data anonymization solution.

We are proud and responsible in our hunt for flaws and make sure that our live system delivers what it promises at all times.

More Information about the Attack Challenge



Open General Data Anonymity Score Project

In close collaboration with the Max Planck Institute for Software Systems, we are working on a general metric for measuring and benchmarking the efficiency of different anonymization algorithms. The General Data Anonymity Score compares the privacy and utility of different data anonymization methods based on the EU Article 29 criteria for anonymity.

Soon you will be able to measure the effectiveness of K-anonymity, Differential Privacy or Diffix and see which algorithm performs best!

More Information about the GDA Score

Additional Security Features

Aircloak Insights is built to be minimally invasive to your critical corporate IT infrastructure. Our software should give you a competitive edge, not be a liability!

As one expects of software today, all communication channels are encrypted by default. Audit logging and rich authentication and authorization schemes are offered out of the box.

On top of this Aircloak Insights supports air-gapped deployments, source code inspection, and is built on the published and battle hardened anonymization scheme Diffix.

More Information about Diffix

Diffix Vulnerabilities

We are as transparent as possible when it comes to communicating vulnerabilities.

Open publication of vulnerabilities discovered by Aircloak and patched are periodically published in academic papers, and not listed here. All vulnerabilities are communicated privately to Aircloak customers as they are discovered.

Here you can find the status and description of vulnerabilities to the Diffix anonymization system that have been discovered and openly published by third parties.

Aircloak Diffix Vulnerabilities Status






Patched Version

Patched Date

Expected Patch Date



April 2018

April 2018

October 2018



July 2018



April 2018


April 2018

Very Low



Q4 2019


May 2018

May 2018

October 2018



July 2018