What is True File Locker?
True File Locker is an Android app for protecting sensitive files with strong encryption. Files added to the vault are encrypted using AES-256 before being stored, and the original plaintext file is securely deleted from its source location. No decrypted version of a protected file ever sits on the device's storage - files are only decrypted in memory when the user opens them within the app, and are immediately re-encrypted when the user closes them or exits the vault.
The app supports biometric unlock (fingerprint and face recognition) in addition to PIN authentication. There is also a hidden vault mode: the app can disguise itself as a calculator on the home screen. Entering a specific PIN into the calculator opens the vault. This is designed for situations where the user needs to deny that a protected vault exists - common sense security rather than just technical security.
There is no cloud backup, no sync to external services, and no analytics. Everything stays on the device. The app does not require internet permission. This means the data is protected by the strength of the encryption and the user's PIN or biometric - there is no backend system that could be compromised to expose the vault contents.
What it does
AES-256 encryption
Files are encrypted using AES-256-GCM before storage. Encryption and decryption happen in memory - no plaintext version of a protected file is written to the device's persistent storage.
Biometric unlock
Supports fingerprint and face recognition via the Android BiometricPrompt API. Falls back to PIN if biometrics are unavailable or fail. The vault key is stored in the Android Keystore, tied to biometric authentication.
Hidden vault / calculator disguise
The app can appear as a functional calculator on the home screen. Entering a secret PIN into the calculator opens the vault. This gives users plausible deniability in situations where they need it.
Secure file deletion
When a file is imported into the vault, the original is overwritten with random data before deletion, preventing file recovery through standard data recovery tools.
Encrypted photo vault
Photos and videos can be stored in the vault with thumbnail previews that are generated and displayed in-memory, never written to a separate decrypted cache on disk.
Encrypted notes
A built-in encrypted notes editor. Notes are encrypted with the same key as the file vault and stored in the same protected container. Useful for passwords, PINs, and other sensitive text.
No internet permission
The app requests no internet permission and makes no network calls. Vault contents cannot be exfiltrated over the network by the app itself. Data protection relies entirely on local encryption and device security.
How it's built
True File Locker is built natively for Android in Kotlin. Encryption uses the Android Keystore system and the Javax Crypto API with AES-256-GCM. Biometric authentication uses the BiometricPrompt API tied to the Keystore key. File operations use Android's SAF (Storage Access Framework) for source file access and Java IO for vault storage. All vault data is stored in the app's private internal storage directory.