The 5 Most Secure and Encrypted Email Providers
From hackers to businesses and overreaching governments, many people are looking to snoop on our communications. Free email providers surreptitiously use software to mine information from your emails and contacts to sell you ever more targeted advertising.
If you’re fed up with this state of affairs and want to secure your communications from prying eyes, it might be worth choosing a secure, encrypted email service instead.
Why Should You Use an Encrypted Email Service?
Google’s Gmail has over 1.5 billion users, while Microsoft’s Outlook sports 400 million. There’s a good chance, then, that you currently use a free email provider. These services feel like they are good value for money—they are free after all—but they do come at a cost; your privacy.
We use email for our most private conversations and documents, so it makes sense that you’d want to keep them private. However, as with many free services, if you aren’t paying, then your data is the product. Google famously used to scan the content of your emails to show you targeted ads. They have since disabled that feature, but your data is still freely available to the provider.
This is further complicated by the relationships these providers have, willingly or otherwise, with law enforcement agencies around the world. Many of the world’s most popular email providers are based in the US, leaving them open to requests from law enforcement and the NSA. If you choose to use these services, you should encrypt your webmail service, too.
Encrypted email is the most secure alternative to free email providers, and allows you to keep your sensitive data private. Most encrypted email providers are located outside of the US, putting them out of reach of the NSA. Even if those agencies could gain access to your account, encryption means that only you can view your data.
Price: Free. Premium accounts available.
Storage: 500MB. Up to 20GB for premium accounts.
ProtonMail first launched in 2013 and was developed by researchers at CERN. Following a successful crowdfunding campaign, the open-source, encrypted email provider exited beta in March 2016. ProtonMail uses end-to-end encryption so that messages are only viewable by you and the recipient. Accordingly, it is widely considered one of the best private email services.
Although there are premium options, many of the service’s users are on free accounts. It is reasonable, then, to consider how they can sustain the service without leaning on targeted advertising. Fortunately, the company operates a Defence Fund which can support the service for up to a year without any other revenue.
All data is stored on the company’s servers in Switzerland—a country well known for its tough stance on privacy and data protection. Importantly, ProtonMail has open-sourced parts of their service. The code is available on ProtonMail’s GitHub for anyone to view and verify the security of the platform.
Although emails to and from other ProtonMail users are end-to-end encrypted, if you communicate with unencrypted services like Gmail, ProtonMail will scan these emails to protect against spam. However, these messages are scanned in memory, meaning that they aren’t kept and will be overwritten in very little time. As soon as the email has been examined, it is then encrypted. If all this talk of encryption is getting confusing, you may want to read up on encryption terms you should know.
ProtonMail also doesn’t store any of your data once it’s deleted. If you delete an email, it’s really gone. The only exception is when the data has been stored in a backup, in which case it may take up to 14 days to be entirely removed. There is no need to submit any personal information while signing up. The company will even allow you to pay for premium accounts in the cryptocurrency Bitcoin.
ProtonMail’s parent company, Proton Technologies AG, also develops ProtonVPN, a multi-platform VPN. As with the email service, ProtonVPN offers free and premium tiers. Some ProtonMail premium accounts also come with access to ProtonVPN’s premium features. We even listed ProtonVPN as one of the best unlimited free VPN services.
Download: ProtonMail for Android | iOS | Web (Free)
Price: Free. Premium accounts available.
Storage: 1GB, upgradable.
Tutanota was launched in 2011 by the German company Tutao GmbH. The service’s name comes from the Latin for secure message. It should be no surprise then that Tutanota is a free encrypted email service. Their servers are also based in Germany, making them subject to Germany’s rigorous Federal Data Protection Act.
While that sounds great in theory, it’s also worth noting that Germany’s Federal Intelligence Service collaborated with their American counterparts, the NSA, in their surveillance programs. While that impacts all data held in Germany, there’s no suggestion that Tutanota has ever been complicit. However, for the privacy-focused, it is worth keeping in mind as one of the best encrypted email services.
Like ProtonMail, Tutanota uses end-to-end encryption to ensure the privacy of your emails. Where things differ slightly is in how the service handles external emails. If you send a message to another email service like Gmail, Tutanota sends a link to a temporary account where the recipient can view the message.
Tutanota is open-source, too, with the code available on the Tutanota GitHub page. All data stored in your inbox is encrypted, with only metadata like sender, recipient, and date visible. However, their FAQ states that they are looking into encrypting metadata too.
The company uses 2048-bit RSA and 128-bit AES encryption methods. However, they do not support PGP, a feature often used to judge secure email providers. That said, they believe their encryption offers advantages over PGP, like encrypting the subject line. There’s also room for them to build more encrypted services in the future, like the available-to-all calendar and planned cloud storage.
While you can open a Tutanota account for free, they too offer paid-for options. A Premium account costs just 12€ per year and allows you to add an additional user, use up to five aliases, and enables support for custom domains.
Download: TutaNota for Android | iOS | Web (Free)
Price: Free. Premium accounts available.
Storage: 500MB of emails, 500MB of documents as standard.
Mailfence is a free secure email service from the creators of ContactOffice. Following the Snowden revelations documenting US government surveillance, ContactOffice felt there was a need for a privacy-focused email service.
Their servers are in Belgium, and, as with many European countries post-GDPR, the country has strong privacy laws. These regulations usually favor the consumer rather than the company, strengthening protections. Unlike some countries—namely the Five Eyes nations—there is no evidence to suggest Belgium collaborated in the NSA surveillance schemes.
One concern when choosing a new digital service is whether it will remain operational for years to come. ContactOffice was started in 1999, and so the company has proven longevity. They also earn operational funds for Mailfence by licensing the software to businesses. To do so, they need to keep their software proprietary, so, unfortunately, Mailfence is not open-source.
Unlike the other services in this list, Mailfence is more than just a secure email provider. An account also provides access to calendars, contacts, and document storage. Free accounts come with storage space for 500MB of emails, 500MB of documents, and one calendar. Entry and Pro accounts upgrade this storage and add additional features. Bolstering their privacy-focused credentials, you can even opt to pay for your account using Bitcoin.
Disappointingly, there is no Mailfence mobile application. However, the company has stated one has been in development since at least 2017. If this is a deal-breaker, you could send encrypted email on Android using OpenKeychain instead. For the time being, though, if you want to manage your Mailfence mail on your smartphone, you’ll need to pay for a premium account. This gives you access to Exchange ActiveSync, POP, IMAP, and SMTPS.
Mailfence is end-to-end encrypted and supports OpenPGP. You can generate a key on your computer, which is then encrypted using 256-bit AES and stored on Mailfence’s servers. They also support two-factor authentication to prevent unauthorized access to your account.
Taking a stand for your principles is admirable in itself, but alongside that ContactOffice donates 15 percent of the income from their Pro plans to the pro-privacy organizations. Currently, donations go to the Electronic Frontier Foundation (EFF) and the European Digital Rights Foundation (EDRi).
Download: Mailfence for Web (Free)
Storage: 1GB, upgradeable.
Disroot is a free secure email provider based in the Netherlands. Although free email services, especially those without premium options, are generally not recommended, Disroot is an exception. The service was set up in response to the lack of similar services and is run by volunteers, supported by donations.
There’s not just email here; Disroot has a comprehensive range of productivity and communications tools bundled in an Office-style web service. Unlike many of their peers, Disroot is open-source, decentralized, and some of their services are federated, too.
Although there are many reasons to use open-source software, most people do so because of what it stands for. To them, the open-source community represents the freedom and ideals of the early internet, before large companies came to dominate the sector. Disroot is part of this movement, expanding beyond open-source into decentralization and federalization.
Federalization is a popular feature of alternative social networks, allowing different services to communicate with one another. However, Disroot’s email service remains resolutely private. The service has been operational since 2015, although usage is hard to pin down as the company doesn’t keep track of active users.
Download: Disroot for Web (Free)
Storage: 2GB, upgradeable.
Posteo is an encrypted email provider based in Germany. In many ways, Posteo is the best alternative to ProtonMail and replicates many of the features found on other services. However, unlike ProtonMail, your data is centrally encrypted on Posteo’s servers, rather than end-to-end encrypted.
While that does mean that it isn’t the safest email provider, there are upsides to the lack of end-to-end encryption. For example, you can easily set up your Posteo account on any email software or app, giving you greater control over how you access your mail. Your account comes bundled with an Address Book and Calendar, too, smoothing the transition from Gmail or Outlook.
Posteo has been operational since 2009, making it one of the longest-running secure email services. However, its popularity and use increased dramatically after the Snowden leaks. Around the same time, Posteo introduced the DNS-based Authentication of Named Entities (DANE). This technology prevents man-in-the-middle attacks, and forces provider-to-provider encryption where available.
They also offer a one-click option to encrypt all of your emails, attachments, and other data using their Crypto Mail Storage feature. After activating the encryption, your emails will no longer be accessible on the server without your password. This prevents Posteo or any third-party from accessing your data on the server.
However, Crypto Mail Storage is an optional feature, which is off by default. To protect your data even without this encryption, all of Posteo’s servers, located in Frankfurt, are encrypted. They are hosted at a third-party data center, but this encryption prevents anyone at the data center from accessing your data.
Posteo is also focused on financial and environmental sustainability. All of their servers and offices run on green and renewable energy from Greenpeace Energy. To ensure the company can work independently, they have no debts, take out no loans, and are supported only by user subscriptions. Even their finances are conducted through Umweltbank, one of Germany’s environmental banks.
Download: Posteo for Web (Subscription required)
The Most Secure Email Provider
Many free email providers don’t take steps to protect your privacy, or they even take steps to undermine it. Switching to an encrypted email account is a change worth making and is a simple way to improve your security. When choosing, it’s essential to evaluate the provider on their encryption methods, how they finance the service, and where the servers are located.
Of course, no online service is entirely secure, no matter the ethics of the provider. There will always be hackers and surveillance agencies looking to expand their ever-growing databases. To increase your security, don’t forget the basics. That’s why you may want to consider improving your cyber hygiene and looking at our tips for handling data at work.
Read the full article: The 5 Most Secure and Encrypted Email Providers