diff --git a/owncloud/Dockerfile b/owncloud/Dockerfile
index 13dd901..a594ad3 100644
--- a/owncloud/Dockerfile
+++ b/owncloud/Dockerfile
@@ -1,9 +1,11 @@
 FROM alpine:edge
 MAINTAINER Wonderfall <wonderfall@schrodinger.io>
 
-ARG VERSION=9.0.2
-ARG APCU=5.1.3
-ARG APCUBC=1.0.3
+ARG OWNCLOUD_VERSION=9.0.2
+ARG APCU_VERSION=5.1.3
+ARG APCUBC_VERSION=1.0.3
+
+ARG GPG_owncloud="E303 6906 AD9F 3080 7351  FAC3 2D5D 5E97 F697 8A26"
 
 ENV GID=991 UID=991
 
@@ -44,21 +46,27 @@ RUN echo "@commuedge http://nl.alpinelinux.org/alpine/edge/community" >> /etc/ap
     php7-dev@testing \
     php7-pear@testing \
  && mkdir /owncloud && cd /tmp \
- && wget -q https://download.owncloud.org/community/owncloud-$VERSION.tar.bz2 \
- && wget -q https://download.owncloud.org/community/owncloud-$VERSION.tar.bz2.sha256 \
- && wget -q https://download.owncloud.org/community/owncloud-$VERSION.tar.bz2.asc \
- && wget -q https://pecl.php.net/get/apcu-$APCU.tgz \
- && wget -q https://pecl.php.net/get/apcu_bc-$APCUBC.tgz \
+ && OWNCLOUD_TARBALL="owncloud-${OWNCLOUD_VERSION}.tar.bz2" \
+ && wget -q https://download.owncloud.org/community/${OWNCLOUD_TARBALL} \
+ && wget -q https://download.owncloud.org/community/${OWNCLOUD_TARBALL}.sha256 \
+ && wget -q https://download.owncloud.org/community/${OWNCLOUD_TARBALL}.asc \
  && wget -q https://owncloud.org/owncloud.asc \
- && sha256sum -c owncloud-$VERSION.tar.bz2.sha256 \
- && gpg --import owncloud.asc \
- && gpg --verify owncloud-$VERSION.tar.bz2.asc \
- && tar xjf /tmp/owncloud-$VERSION.tar.bz2 --strip 1 -C /owncloud \
- && tar xzf apcu-$APCU.tgz && tar xzf apcu_bc-$APCUBC.tgz \
- && cd apcu-$APCU && phpize7 && ./configure --with-php-config=/usr/bin/php-config7 && make && make install \
- && cd ../apcu_bc-$APCUBC && phpize7 && ./configure --with-php-config=/usr/bin/php-config7 && make && make install \
+ && wget -q https://pecl.php.net/get/apcu-${APCU_VERSION}.tgz \
+ && wget -q https://pecl.php.net/get/apcu_bc-${APCUBC_VERSION}.tgz \
+ && echo "Verifying both integrity and authenticity of ${OWNCLOUD_TARBALL}..." \
+ && CHECKSUM_STATE=$(echo -n $(sha256sum -c ${OWNCLOUD_TARBALL}.sha256) | tail -c 2) \
+ && if [ "${CHECKSUM_STATE}" != "OK" ]; then echo "Warning! Checksum does not match!" && exit 1; fi \
+ && FINGERPRINT="$(LANG=C gpg --verify ${OWNCLOUD_TARBALL}.asc ${OWNCLOUD_TARBALL} 2>&1 \
+  | sed -n "s#Primary key fingerprint: \(.*\)#\1#p")" \
+ && if [ -z "${FINGERPRINT}" ]; then echo "Warning! Invalid GPG signature!" && exit 1; fi \
+ && if [ "${FINGERPRINT}" != "${GPG_owncloud}" ]; then echo "Warning! Wrong GPG fingerprint!" && exit 1; fi \
+ && echo "All seems good, now unpacking ${OWNCLOUD_TARBALL}..." \
+ && tar xjf ${OWNCLOUD_TARBALL} --strip 1 -C /owncloud \
+ && tar xzf apcu-${APCU_VERSION}.tgz && tar xzf apcu_bc-${APCUBC_VERSION}.tgz \
+ && cd apcu-${APCU_VERSION} && phpize7 && ./configure --with-php-config=/usr/bin/php-config7 && make && make install \
+ && cd ../apcu_bc-${APCUBC_VERSION} && phpize7 && ./configure --with-php-config=/usr/bin/php-config7 && make && make install \
  && sed -i "s/;env\[PATH\]/env\[PATH\]/g" /etc/php7/php-fpm.d/www.conf \
- && apk del $BUILD_DEPS php7-dev php7-pear \
+ && apk del ${BUILD_DEPS} php7-dev php7-pear \
  && rm -rf /var/cache/apk/* /tmp/*
 
 COPY nginx.conf /etc/nginx/nginx.conf
@@ -75,8 +83,8 @@ VOLUME /data /config /apps2
 EXPOSE 80
 
 LABEL description="A server software for creating file hosting services" \
-      owncloud="ownCloud v$VERSION" \
-      apcu="apcu v$APCU" \
-      apcu_bc="apcu_bc v$APCUBC"
+      owncloud="ownCloud v${OWNCLOUD_VERSION}" \
+      apcu="apcu v${APCU_VERSION}" \
+      apcu_bc="apcu_bc v${APCUBC_VERSION}"
 
 CMD ["tini","--","run.sh"]