Understand the importance of end-to-end encrypted email for enhanced privacy and security, and how it compares to popular email services like Gmail
In today’s digital age, email remains a primary means of communication for both personal and professional purposes. However, the security and privacy of email services have come under scrutiny, as data breaches and unauthorized access to sensitive information continue to be a concern. End-to-end encrypted email offers a higher level of protection compared to traditional email services like Gmail.
We’ll explore the reasons why you might need end-to-end encrypted email and how it differs from Gmail and similar services.
The Importance of End-to-End Encrypted Email
End-to-end encryption ensures that your email messages are encrypted on your device before being sent, and can only be decrypted by the intended recipient. This means that even if a third party intercepts the message during transmission, they won’t be able to read its contents.
Here are some reasons why end-to-end encrypted email is essential:
1. Enhanced Privacy: End-to-end encryption protects the contents of your email messages from being accessed by unauthorized parties, including hackers, government agencies, or even the email service provider itself.
2. Data Protection: Sensitive information such as financial data, personal identification details, and trade secrets can be securely transmitted through end-to-end encrypted email, reducing the risk of data breaches and identity theft.
3. Compliance with Regulations: Businesses that handle sensitive data may be subject to regulatory requirements for data protection, such as GDPR or HIPAA. Using end-to-end encrypted email can help organizations meet these compliance requirements.
How End-to-End Encrypted Email Differs from Gmail and Similar Services
While popular email services like Gmail provide basic encryption during transmission, they do not offer end-to-end encryption by default.
This may change soon, as in December 2022, Google announced that it’s working on adding end-to-end encryption (E2EE) to Gmail on the web. This new feature will enable enrolled Google Workspace users to send and receive encrypted emails within and outside their domain, enhancing privacy and security for Gmail users. This move by Google is a significant step towards providing better protection for email communications and aligns Gmail more closely with other end-to-end encrypted email services.
Here’s how end-to-end encrypted email differs from Gmail and similar services:
1. Encryption Method: Gmail uses Transport Layer Security (TLS) to encrypt emails during transmission. However, TLS only protects data in transit, leaving it vulnerable to interception once it reaches the email provider’s servers. End-to-end encrypted email, on the other hand, encrypts messages on the sender’s device and can only be decrypted by the intended recipient, ensuring complete privacy.
2. Access to Email Contents: With Gmail and similar services, the email provider can access the contents of your messages, as they are stored in plain text on their servers. This means that they could potentially be accessed by hackers, government agencies, or even the provider itself. End-to-end encrypted email prevents anyone other than the intended recipient from accessing the contents of your messages. Additionally, it’s worth noting that Google used to read your emails to deliver targeted ads, and Microsoft reportedly collaborated with the National Security Agency (NSA) to intercept users’ communications, even helping to circumvent the company’s own encryption, according to top-secret documents obtained by The Guardian.
3. Third-Party Apps and Services: Many email services, including Gmail, allow integration with third-party apps and services, which can increase the risk of unauthorized access to your email data. End-to-end encrypted email services typically limit third-party integrations to maintain the highest level of security and privacy.
What Services Can I Use on iOS?
Based on LifeWired’s analysis, here are the 5 Best Secure Email Services for 2023, along with their pros and cons:
🇨🇭 ProtonMail. (iOS App Available)
ProtonMail is a free, open-source, end-to-end encrypted email provider based in Switzerland, accessible via its website or Android and iOS mobile apps. Its most notable feature is its end-to-end encryption, ensuring that nobody, including ProtonMail employees, ISPs, or governments, can access your messages without your unique password.
The service is so secure that it cannot recover your emails if you forget your password, as decryption occurs upon login. ProtonMail also doesn’t retain your IP address information, ensuring that emails can’t be traced back to you.
However, it’s important to note that ProtonMail has faced controversy in the past. The company was forced to log the IP address of a French activist and hand it over to Europol, resulting in the activist’s arrest. ProtonMail maintains that it doesn’t log IP addresses by default and only complies with local regulations, in this case, Swiss law.
The free version supports 1 GB of email storage and limits usage to 150 messages per day. Upgrading to Plus, Unlimited, or Business plans provides more storage, email aliases, priority support, and additional features like custom filtering options, auto-reply, built-in VPN protection, and a higher daily email limit.
By considering ProtonMail and its robust security features, as well as its compliance with local laws, you can make an informed decision on whether it’s the best fit for your needs in terms of enhanced privacy and security in your email communications.
Pricing (Free, $3.99/month Mail Plus, $9.99/month Unlimited)
2. 🇩🇪 Tutanota (iOS App Available)
Tutanota is an email service that shares similarities with ProtonMail in terms of design and security level. All Tutanota emails are encrypted from the sender to the receiver and decrypted on the device, with the private encryption key inaccessible to anyone else. However, it’s important to note that Tutanota has faced legal challenges in its home country, Germany.
According to TechCrunch, a regional court ordered Tutanota to develop a function that allows it to monitor an individual account. The encrypted email service provider has been fighting several such orders in Germany. This ruling, reported in the German press late last month, contradicts an earlier Hanover court finding that Tutanota, as a provider of web-based email, is not a telecommunications service.
By considering Tutanota and its security features, as well as its legal challenges, you can determine if it’s the right choice for your privacy and security needs in email communications.
Pricing (Free, $12/year -Premium, $48/year -Teams)
3. 🇨🇦 Hushmail. (iOS App Available)
Hushmail is a well-established encrypted email service that has been in operation since 1999. It secures emails using state-of-the-art encryption methods, ensuring that not even Hushmail can access your messages—only someone with your password can do so.
This service allows you to send encrypted messages to both Hushmail users and non-users with accounts on Gmail, Outlook Mail, or other similar email clients.
The web version of Hushmail offers an easy-to-use, modern interface for sending and receiving encrypted messages from any computer.
Hushmail for Healthcare offers additional features tailored to the healthcare industry, including Encrypted Email, a Private Message Center, optional Secure Forms, and Electronic Signatures. To assist with HIPAA compliance, Hushmail provides a signed Business Associate Agreement (BAA) and Email Archiving.
Pricing ($49.98/year for personal use)
4. 🇸🇪 CounterMail (Browser-Based)
CounterMail is a highly secure email service that offers a browser-based implementation of OpenPGP-encrypted email
The service stores only encrypted emails on its servers, which are located in Sweden. Moreover, CounterMail doesn’t store emails on hard disks; instead, all data is stored on CD-ROMs. This method helps prevent data leaks and ensures that data is likely lost if someone attempts to tamper with the server directly.
One unique feature of CounterMail is the option to set up a USB drive for further email encryption. The decryption key is stored on the device and is required to log in to your account, making decryption impossible even if a hacker steals your password. While this added physical security makes CounterMail less convenient to use compared to other secure email services, it does provide IMAP and SMTP access, which can be used with any OpenPGP-enabled email program, such as K-9 Mail for Android.
After a 10-day free trial with 100 MB of space, you’ll need to purchase a plan to continue using CounterMail. By considering CounterMail and its strong security features, you can decide if it’s the right choice for your privacy and security needs in email communications.
Pricing ($29/ 3 months, $49/12 months, $79/24 months)
5. 🇧🇪 Mailfence (Browser-Based)
Mailfence is a security-focused email service that offers end-to-end encryption, ensuring that only you and your intended recipient can read your messages. The service includes an email address and web interface that incorporates OpenPGP public key encryption, allowing you to create a key pair for your account and manage a store of keys for secure email communication.
While Mailfence enables access via IMAP and SMTP with secured SSL/TLS connections through your preferred email program, it cannot send encrypted messages to people who don’t use OpenPGP and have no public key available.
Mailfence stores your private encryption key on its servers but claims it can’t be read, as it’s encrypted with your passphrase (via AES-256). According to the company, there is no root key that would allow Mailfence to decrypt messages encrypted with your keys.
Pricing: from €3.5 to €29 per month)