Security
How Deck Clipboard Protects Your Data
Deck is built with a defense-in-depth approach to clipboard security: your history stays on your Mac by default, with optional layers like biometrics, encryption, and screen-share awareness.
Security pillars
Local-first storage
Clipboard history is stored in a local SQLite database on your Mac — not uploaded to Deck servers by default.
Touch ID protection
Lock sensitive clips behind biometric authentication so they are harder to access if someone else uses your Mac.
AES‑GCM encryption
Protected entries use modern authenticated encryption; encryption keys are stored in the macOS Keychain.
Screen-share protection
Deck can hide its window during screen recording and sharing so your clipboard UI does not appear on stream.
What Deck does not do
- No clipboard upload to servers by default
- No ad or third-party tracker SDKs
- No server storage of your AI API keys
- No account or sign-up required
- No selling or monetizing clipboard data
Sensitive content handling
- Detects sensitive patterns (e.g. cards, passwords)
- Per-app exclusion — skip capture entirely
- Password-manager clipboard type awareness
- Smart Rules for automatic filtering
Comparison with common alternatives
| Capability | Deck | Maccy | Paste |
|---|---|---|---|
| Local-first default | Yes | Yes | No (uses iCloud sync) |
| Touch ID | Yes | No | No |
| Encryption | AES‑GCM (protected items) | No | No (uses iCloud sync) |
| Screen-share hide | Yes | No | No |
| Ad / tracker SDKs | None | None | None |
Frequently asked questions
Yes — for typical workflows. You can use Touch ID on sensitive clips, exclude high-risk apps entirely, and lean on password-manager clipboard detection and Smart Rules. Passwords are still sensitive: combine exclusions and rules with your own judgment.
Not by default. Core clipboard history stays on your Mac in local storage. Network-related features (such as optional AI assistance) are separate and designed to be clearly scoped.
You can require Touch ID to view or paste protected items. That adds a biometric gate so sensitive clips are not visible from the history list without authentication.
Protected entries use AES‑GCM. Keys are stored in the macOS Keychain rather than plain text in app files.
Yes. Use the app exclusion list to skip clipboard capture from specific applications — useful for banking tools, password managers, or anything you never want in history.
Deck has not published an independent third-party security audit. The codebase is source-available on GitHub for transparency; whether that meets your requirements depends on your environment and policy.
Try Deck on your Mac
Download Deck and read the privacy deep-dive when you want more detail.
Requires macOS 14.0 or later