The 6 Best Encrypted Email Service for Extra Security
A huge part of our internet activities are related to the use of emails, and if you are concerned about your online privacy and security, extra thought has to be put into your choice of an email service provider. Popular email services like Gmail and Yahoo can give you security to some extent, but their provision of data for personalized ads compromises your privacy to some extent. This defeats your needs for privacy and may not be the best for you if utmost privacy is your concern. So in this article, we would discuss what to look out for insecure email services, and also the best-encrypted email service you can choose.
Table of Content
Apart from your use of encrypted email services, you can secure your emails with the use of encryption software. The downside to this however is that the process requires tech knowledge and can’t be managed by everyone. User-friendly encrypted email services would offer you good security and keep you anonymous even if you are not tech-savvy.
What Does Encryption Mean in Term of Email?
Even though emails could be encrypted, not all services are equal. Some email providers store the emails in a way that cannot be accessed easily by a third party, while some providers offer self-destructive messages that keep you anonymous. Even at this, the most secure way to keep the content of your email from prying eyes is to encrypt them using PGP. Some email service providers make it easy to encrypt your email with PGP, but they are security concerns about leaving your PGP encryption key online.
Even with all the encryption you have put in place, metadata is left behind when you send a message, and if the recipient of the message doesn’t use an encrypted email service, it will make all your privacy efforts futile.
Security Features to Look Out for in an Email Service
1. End-To-End Encryption
You need to have a good understanding of encryption to understand end-to-end encryption. Encryption helps to make data incomprehensible, and you can see this in websites with URL beginning with HTTPS. This implies that the sites are making use of Secure Socket Layer (SSL) to make the data you send to the server incomprehensible to third parties and prying eyes. With SSL, you can be sure that whatever data you send and receive from an SSL enabled server is encrypted. Most popular websites make use of SSL protection to protect their users from having their passwords or information stolen by someone spying.
The same applies to emails. When you send an email over an encrypted network, it means you have scrambled the message so that no one else can decipher the content of the mail without an encryption key.
With modern encryption, an encoded message can take a million computers sixteen million years to decipher. Popular email service providers like Gmail and Hotmail are not security-focused and so their encryption only covers data that is sent from your computer to the server. This means that your message can be read on the other side.
End-to-end encryption allows the user to be in control of their security. When you open your inbox to check your encrypted messages, a private key peculiar to your account is received and this key is uncrackable. This is what deciphers the encrypted message so that you can read it. It all happens in the background so you can’t witness the process.
Interesting Read : How to Protect Your Data when Visiting Non-encrypted HTTP Sites?
The use of encryption has always been resource-intensive to implement so it wasn’t always used. But with messaging apps like WhatsApp making a standard, and also due to the incident of Snowden’s NSA leaks, the use of end to end encryption has become a standard.
If your email service provides end-to-end encryption, your data would still be safe even if government authorities force them to hand your data over. This is because everything would be scrambled and can only be deciphered with the use of your private encryption key.
2. PGP Encryption
PGP also is known as Pretty Good Privacy was developed to guarantee secure and private email communications even over unsecured networks. It involves the use of public and private keypairs and is still being used today in tools like ProtonMail and Signal.
When using PGP, all encrypted emails are secured with a public key that serves as a padlock, and the password that authenticates you. The recipient of the email also ha to use their private key to unlock the padlock you have set so they can decipher and read the message.
Public keys and private keys are strings of mixed texts and they can also act as an email address. Some tools help to expose the functionality of the key to the user, while others control the keys in the background and handle the deciphering process for you.
Without the corresponding private key, any message encrypted with PGP would be illegible.
If the above block of texts is pasted into a decryption tool that is a matching pair to your private key, the contents would be revealed.
PGP decryption is done manually and is still used by many email services to date. They build it into the back end so that even though your emails arrive in legible plain texts, they are scrambled behind the scenes. All you have to do is keep your password safe and secure or else your adversary would be able to decrypt your text.
3. Two-Factor Authentication
Two-factor authentication is an added layer of security to your email accounts that make it useless even if your password has been cracked. This is so because two-factor authentication relies on two things:
- Something you know. It could be a username and password
- Something you have. It could be your mobile phone or a backup key
This layer of security is important because it makes sense not to completely rely on your password to keep your account safe. Passwords can be hacked, leaked, and once this happens your account would be compromised. But with two-factor authentication, it makes it more difficult to hack your account as the chances of a hacker having both your password and mobile phone at the same time is slim.
Interesting Read : How to encrypt Gmail to secure your emails?
Two-factor authentication can be used in different ways, but the most common way is by the use of a one-time token. When you want to sign in to your Google account from a new computer and you click on the google app, you would be sending a unique one time token to the server. It’s the same thing when you get a code by SMS when you try to log into twitter. The code is one-time use only so that it won’t be leaked.
4. Open Source
Open-source software makes its source code available to the public to inspect and improve. Android OS and Firefox browser are some examples of open-source software, unlike Microsoft Outlook. With Outlook, the software is packaged as an executable file and doesn’t allow for any inspection or edit. How does the open nature of software affect its security level?
With an email service like Outlook, you would be putting all your trust in the developers, believing that they have built a good enough security system. With open-source software that’s not the case as the software is transparent and open to public scrutiny for improvement. When bugs are discovered, they are made public and projects are put in place for debuggers
It doesn’t mean that closed source software is not secure, but with open-source, you can review the audits and proof. You are not forced to take the words of the developer blindly but you can see everything for yourself.
5. Metadata Handling
Some information about your computer is usually left behind after you send an email. Examples of such information include the web browser you use, the recipient, and also your network. This information is usually stored in the email header metadata and it is absent insecure email services for obvious reasons. To ensure your security, every form of information about you should be kept private as those who are after you can get a lot form even the tiniest bits of information they can find.
For users’ privacy, secure email services should get as little information as possible from users, and also strip the header metadata out.
6. Server Location
The location of your email service provider’s servers wasn’t much concern until it was discovered that Australia, Britain, Canada, New Zealand, and the US gather intelligence data on their citizens from servers in their territories, and share the same. Some countries have laws that respect the privacy of the public, and using an email service whose servers are in such countries can help with your privacy.
LimeVPN Picks for Secure Email Providers
1 . ProtonMail
ProtonMail is an end-to-end email service whose servers are in a secure bunker that can survive even a nuclear attack. It was created after the 2013 Snowden leak by a team of CERN Large Hadron Collider scientists and has over 5 million users making it the most used secure email service.
Its design is with the principle of zero access and zero-knowledge, implying that not even the staff have access to read your mails, or sharing them.
ProtonMail data is based in Switzerland and is protected by both the Swiss Federal Protection Act (DPA), and the Swiss Federal Data Protection Ordinance (DPO) which offer the best data protection in the world. It’s very unlikely that your data would be demanded from the service provider, but even if it were so it would have to be directly subpoenaed by the Cantonal Court of Geneva or the Swiss Federal Supreme Court. But even if that were the case, the data would be useless as it would be impossible to decipher due to the encryption.
Emails that are sent with ProtonMail are different from those sent with Gmail or Outlook in that they are encrypted even before being sent to the servers. This way no third party or hacker that intercepts your mails would be able to decipher what you have sent. ProtonMail is an open-source and this gives room for audits to seek out loopholes and confirm high security.
The super encryption of ProtonMail is great for security but could also be a barrier to usage. You can’t add your inbox from ProtonMail to a generic email app because these apps can’t encrypt emails on the client-side. You can get over this with the use of a dedicated ProtonMail app for your phone, or on desktop, you can use any generic app as long as you have the ProtonMail Bridge.
- Completely an open-source software
- Has security features like an end to end encryption, two-factor authentication, and message self-destruct
- They are dedicated mobile apps for both IOS and Android
- Allows files of up to 25MB and free storage of up to 500MB
- They are different pricing options, but the free choice is often adequate for regular users
There is a free plan that offers up to 500MB storage and 150 messages daily. Starting at 5GB of storage and 1,000 messages per day, you pay 4$ per month.
- Messages self-destruct, preventing the chances of leaks
- You can send encrypted messages to anyone irrespective of their email service provider
- It’s easy to use
- Secure encryption protocols
- Has mobile apps for your mobile devices for a better user experience
CounterMail makes use of more than 4,000 different types of PGP encryption keys, making it one of the most secure email service providers you can have. Its headquarters is located in Sweden, allowing it to protect its user’s privacy better due to the terms of privacy protection laws.
Just like with other secure email services, CounterMail uses end to ends encryption, ensuring that whatever message or data you send would be useless to any hacker. To enhance your security and privacy even further, it offers its own secure USB key option so that you can constantly send encrypted messages on the go.
- You get a free 7-day trial period
- Supports Mac, Android, Linux, and IOS
- Makes use of PGP as it utilizes 4,096 encryption keys to ensure your messages are secure
- Supports IMAP
- For increased anonymity, the servers don’t keep a log of IP addresses the servers are also diskless, and so instead of hard drives, they start from a CD-ROM for better online privacy.
- You have a USB key option that can be used in combination with your password to offer you even better security.
After the initial 7-day free trial period, you have different storage plans with varying storage space to choose from. For 400MB storage, you can pay $4.83 per month.
- Using its USB key option increases your security and protects you against keyloggers
- The no-logs policy and diskless web servers give you a high level of online anonymity as far as emails are concerned
- It’s compatible with all popular operating systems
- Even after paying for the highest storage, you can have additional storage added for a fee
With its servers in Belgium, Mailfence is one of the most secure email services you can use. It not only offers privacy but also gives you high security with its use of open PGP. You get other appealing features like calendars, documents, and contact tools in the cloud for better user experience.
Users of Mailfence can send encrypted messages to those who use other providers as long as the services are compatible with OpenPGP. You won’t have to manually decrypt the message and PGP users can import and manage their keypairs in the app.
Even though you get top-notch security, Mailfence isn’t user friendly. You can only engage end to end encryption after a keypair has been generated and the recipient’s public key has been uploaded. It’s complex and not the best choice for the less tech-savvy users.
- The free version is for 1 group providing 500MB of email, 500MB of documents, 1,000 events calendar, and email support.
- They are available business plans that are specific to your company’s needs
- Makes use of two-factor authentication
- Utilizes end to end encryption
- Payment is easy and the available methods are either through credit cards, PayPal, Bitcoin, and Litecoin.
- Android, IOS, IMAPs, POPs, SMTPs, Exchange
You can get 500MB of email storage for free together with 500MB for documents. Pricing starts at €2.50 per month to get 5MB of email storage and 12GB for the document.
- Its servers are located in Belgium, making it one of the most privacy promising email service
- It makes of OpenPGP to allow for audits and rapid debugging
- For regular users, you can benefit from the free version while meeting your needs
- With two factor authentication and end to end encryption, you are secure with an intact privacy
Tutanota is one of the most affordable and secure email services. It’s popular with over 2 million users and would always come up as one of the highly recommended encrypted email services. It utilizes end to end encryption, two-factor authentication, and has an A+ SSL certificate making it very secure; equal to ProtonMail.
Tutanota was one of the first email services to make use of DNS-based authentication of named entities (DANE) to protect its users against impersonation from hackers. It also makes use of end to end encryption just like other encrypted email services and so if you send a mail to someone who doesn’t use a service that offers end to end encryption, the email would come password-protected, and the response from the recipient would be encrypted using a one-time version of Tutanota.
There is webmail access and also apps for iOS and Android software, but you can’t use Tutanota with generic email apps as they don’t provide and support the end to end encryption.
- It’s open-source software and supports end to end encryption
- Makes use of two-factor authentication
- There are apps for android and iOS devices
- Messages can also be sent to non Tutanota users as they would be provided with a secure link to read their messages
- For free you have 1GB storage space
- You would use your domain
- Nonprofit organizations can enjoy the service for free
You can have up to 1GB storage space for free, and pricing is €1 monthly for larger storage and other features like custom domains and filters.
- The free version gives you a large enough storage space which is enough for regular users
- Its paid version is cheap
- Good security and privacy as it makes use of end to end encryption and two-factor authentication
- Nonprofit organizations can have free access
SCRYPTmail is one of the most secure email services that offer you extra security and keeps your data private. Its features include the end to end encryption it offers, two-factor authentication, and its open-source nature which makes it pen for audit by other professionals in a bid to improve it. Its servers are however based in the U.S.
An outstanding feature of SCRYPTmail is its ability to conceal your real email address from the recipient of your message, keeping your private and anonymous. It does this by offering you disposable email addresses which would be useful in cases where you are dealing with a person or business you aren’t sure of. This way you remain safe as your real identity is secure.
- Offers end to end encryption
- Its open-source, allowing for audit by professional for better service
- Has a disposable email address feature
- Makes use of two-factor authentication
For $2 per month, you can get 300MB of storage space. This can be increased to 1GB for $7 per month.
- Offers your two-factor authentication, making your account more difficult to be compromised
- You have an end to end encryption
- There is a disposable email address feature to improve anonymity
Created with values of privacy, ease of use, and sustainability in mind, Posteo offers you good security with its cool features.
It was the first email service to make use of DNS based authentication of named entities (DANE) and was made popular after the Snowden leaks. With this feature, its users are protected from impersonation (man in the middle attacks). To keep you protected and private, Posteo doesn’t ask for your identity and would go further in fighting for the right to withhold user data rather than hand them over to the authorities. Since Posteo doesn’t store user IP address or identifiable data, no seized content would be able to be linked to a user formally.
All data sent over its servers are encrypted but unlike others like ProtonMail, end to end encryption isn’t automatic. The implication of this is that leaked communication could be read in plain text. Its lack of end to end encryption makes it easy to use with generic email apps.
- You can move content from other email accounts
- Automatic replies
- Sign up can be done anonymously
- Payments for subscriptions can be done anonymously
- It’s an open-source code
- Has the calendar feature
- Comes with a filter for spam and viruses
- Sent emails are devoid of your IP address
- Has two-factor authentication
- AES encrypted hard disks
- TLS-sending guarantee ensures you don’t send emails to insecure systems
- TLS-encrypted transmission protects your emails and metadata
At €1 per month, you can have 2GB of storage and two aliases. The storage space can be increased to up to 20GB and each additional GB costs €0.25 per month.
- Keeps you anonymous
- You can make payments anonymously too
- It’s cheap
Don’t Forget Your VPN
Even though the email services mentioned here aim to keep your messages private and secure, they have their cons too. There is no telling what could go wrong with any of the encrypted email services you use, so it’s best you back it up with a VPN.
The best choice of a VPN would be one that ensures you remain anonymous and secure. With heavy 256-bit encryption, no logs policy, and a pool of IPs to choose from, limeVPN ensures that your online presence would be anonymous, and your shared data would remain private and secure.