Why DirectFileTransfer Is a Web App, Not a Native App

Every week, someone asks us: "When are you releasing a native app?" It's a fair question. Native apps feel more "real." They sit on your home screen. They're in the app store. They must be better, right?

We thought hard about this. And we deliberately chose not to build one. Here's why — and why that decision actually makes DirectFileTransfer more private, more secure, and more accessible than any native file transfer app.

What Your File Transfer App Can See

When you install a native app on your phone, it asks for permissions. Most file transfer apps request some combination of:

• Storage / Files: Full access to read every file on your device
• Photos & Media: Access to your entire photo library
• Camera: For QR code scanning (reasonable), but the app can technically take photos anytime
• Contacts: Some apps want this for "easy sharing" — now they have your address book
• Location: For "nearby device discovery" — now they know where you are
• Background activity: The app runs even when you're not using it

Once you grant these permissions, the app has them until you explicitly revoke them. Most people never check. The app can read your photos at 3 AM on a Tuesday, and you'd never know.

This isn't hypothetical. In 2024, a security researcher found that several popular file sharing apps on the Google Play Store were uploading device metadata and file listings to analytics servers — not the files themselves, but enough to profile what kind of files you have and when you access them.

What a Web App (PWA) Can See

A Progressive Web App running in your browser has a fundamentally different permission model:

• No file system access: The app can only see files you explicitly select through the file picker. It cannot browse your folders, read your photos, or scan your documents.
• No contacts: The browser doesn't expose your address book to websites. Period.
• No background access: When you close the tab, the app stops. It can't run in the background reading your files or phoning home.
• No location by default: The app would have to ask, and the browser shows an explicit prompt. We don't ask because we don't need it.
• Camera only on demand: QR scanning uses the camera only when you tap the scan button, and only for that moment.

The browser acts as a security sandbox. The web app runs inside it and can only access what the browser — and you — explicitly allow. This isn't a limitation we work around. It's a privacy guarantee we rely on.

When you pick a file to send on DirectFileTransfer, we see that one file. Not your photo library. Not your Downloads folder. Just the file you chose.

No Install, No Waiting, Always Up to Date

Native apps add friction that most people don't think about until they need to transfer a file right now:

• Both people need the app installed. You can't send a file to someone who doesn't have the app. With a web app, you share a link — they open it in any browser and they're connected.
• You might be running an old version. If you haven't updated the app in a month, you could be missing security fixes. Web apps update instantly — every time you open the page, you're on the latest version.
• Storage space on your phone. Another app taking up space for something you use once a week.
• Not available everywhere. Some apps aren't on all platforms. Some get removed from app stores. A URL works everywhere, forever.

The practical difference: with a native app, you need to plan ahead. With a web app, you just open a link.

But Don't Native Apps Perform Better?

This is the main argument for native, and it has some truth. Here's the honest breakdown.

Where native apps win:

• Background transfers: A native app can keep transferring files while you switch to another app. A browser tab can get suspended by the OS, especially on mobile. We mitigate this with Wake Lock (keeps the screen on during transfers), but it's a real limitation.
• Low-level networking: Native apps can use optimized network protocols, potentially achieving higher throughput on local networks.
• Deeper file system integration: Native apps can save files directly to any folder. Browsers are more restricted in where they can write (though Chrome's File System Access API and streaming downloads have narrowed this gap significantly).

Where web apps win or match:

• WebRTC performance: Browser-to-browser WebRTC is highly optimized. Modern browsers typically achieve 10-30 MB/s on WiFi and even faster on wired connections — more than enough for most transfers.
• Streaming to disk: On Chrome and Edge, files over 500 MB stream directly to disk via the File System Access API. The file doesn't load into memory. This is the same approach native apps use.
• Cross-platform consistency: One codebase works identically on every platform. Native means building and maintaining separate apps for iOS, Android, Windows, Mac, and Linux — five codebases instead of one.
• Zero install: The app works instantly. No download, no install, no "update required" screens. Open the URL, transfer your files.

The Performance Gap Is Smaller Than You Think

Let's talk real numbers.

• Same-network LAN transfer (WiFi 6):
• Native app: 30-60 MB/s typical
• Browser WebRTC: 10-30 MB/s typical
• Difference: native is faster on LAN, but for most transfers under 2 GB the time difference is seconds

• Over the internet:
• Both limited by your upload speed (typically 5-50 Mbps)
• Protocol overhead is negligible compared to bandwidth bottleneck
• Difference: effectively zero

• File size handling:
• Native: Streams to disk, limited only by storage
• Browser (Chrome/Edge): Streams to disk via File System Access API for large files
• Browser (Safari/Firefox): Buffers in memory, practical limit ~1-2 GB on mobile

The honest answer: for files under 2 GB (which covers the vast majority of transfers), there's no meaningful performance difference. For very large files on Chrome or Edge, streaming to disk closes the gap. The only scenario where native clearly wins is multi-gigabyte transfers on Safari or Firefox — and even then, the gap is closing as browsers improve.

What You Give Up for That 10% Speed Boost

To get native app performance, you trade away:

• Privacy:
• The app can access your file system, photos, and potentially contacts
• It can run in the background without your knowledge
• Analytics SDKs are common in native apps — tracking what you do and when
• The app binary is compiled and opaque; you can't inspect what it's doing

• Convenience:
• You have to install it on every device (and convince the other person to install it too)
• Updates are manual or delayed
• App store availability varies by region and platform
• Storage space used on your device

• Transparency:
• Compiled native code is hard to audit
• Web app code runs in the browser and can be inspected by anyone (View Source)
• Browser DevTools let you see every network request the app makes
• No hidden background activity

A web app is inherently more transparent. You can open your browser's DevTools and see exactly what data DirectFileTransfer sends and receives. With a native app, you're trusting a black box.

PWA: The Best of Both Worlds

DirectFileTransfer is a Progressive Web App (PWA). This means:

• Install to home screen: Tap "Add to Home Screen" and it looks and feels like a native app — full screen, its own icon, no browser chrome
• Offline capable: The service worker caches the app shell, so it loads instantly even on slow connections
• Push notifications: We can notify you when a peer connects (with your permission)
• Wake Lock: Keeps the screen on during active transfers
• File handling: On supported browsers, you can share files directly to DirectFileTransfer from your OS share sheet

You get 90% of the native experience with 100% of the browser's privacy sandbox. No app store, no permissions creep, no background surveillance.

The Comparison

When Native Actually Makes Sense

We're not anti-native. There are genuine use cases where a native app is the better choice:

• Automated sync: If you need files to sync automatically in the background between your own devices (like Syncthing), a native app is necessary
• Huge files on Safari/Firefox: If you regularly transfer 10+ GB files specifically between iOS/Firefox devices, native handles memory better
• Enterprise deployments: MDM-managed native apps give IT departments more control

But for the core use case — sending files from one person to another, securely, right now — a web app does everything you need without asking for permissions it shouldn't have.

The Bottom Line

We chose to build DirectFileTransfer as a web app because we believe your file transfer tool shouldn't need access to your entire phone. It shouldn't run in the background. It shouldn't know your contacts. It shouldn't be a compiled black box you can't inspect.

The browser sandbox isn't a limitation — it's a feature. It guarantees that we can only see the files you choose to send, and nothing else. No native app can make that promise, because the moment you grant permissions, you're trusting the developer's intentions rather than a technical guarantee.

Next time someone asks why we don't have a native app, the answer is simple: because we respect your privacy too much to ask for permissions we don't need.