You may not have anything to hide or be doing anything illegal but that doesn’t mean you’re going to be happy with other people reading your email. The Postal Service doesn’t open your mail and have a good read before they deliver your letter so why should the government or big business do the same to your email? With your security in mind, I have put together this quick list of eights of the most secure e-mail providers.
Each provider ensures you receive as much privacy as possible. They do not collect data, scan your emails for the NSA or even allow the government to access server data. After Yahoo has been called out for installing special software to read your email, more people than ever before will be using secure email. The more the better!
So here are eight secure email providers I think are worthy of your custom. Each offers a little something different, so there is bound to be one here that fits.
ProtonMail says they were inspired by Snowden and that their datacenter is in the middle of a mountain in Switzerland. The service uses end to end encryption, two factor authentication and browser-side decryption so your email is about as safe as it gets. Once you log in, you see an encrypted mailbox. You enter a second password and the inbox is decrypted locally on your machine, not on the server. The servers are also based in Switzerland, where the NSA has no jurisdiction.
ProtonMail also uses 2048 bit encryption for the data and AES-256 for transmission so your email is safe at all times.
Tutanota is another outfit that offers secure email to users. Instead of using PGP like most secure email providers, they use a purely custom solution that uses 2048 bit RSA keys and AES-128. It also offers iOS and Android apps and an Outlook plugin for maximum compatibility.
Tutanota’s code is now open source and can be independently verified. It also allows non-Tutanota users to be able to read and reply to encrypted email, which is great if not everyone you know uses the service.
3. Kolab Now
Kolab Now is another Swiss-based secure email service but it comes with a premium. You do receive a 30 day trial, but after that you need to pay a nominal amount to continue using it. This is more a business-centric service that also offers chat, email, secure file storage and other enterprise features.
Kolab Now doesn’t list exactly what security protocol it uses, just that it uses the latest, most secure of them. It is also based in Switzerland which is one of the last bastions of true privacy left in the world.
Countermail also offers end to end encryption, 4096 bit keys, OpenPGP and other security protocols to keep email safe. Despite using a website from the 1990s, the service itself is highly regarded. The service also offers a USB dongle to provide a physical key necessary to decrypt emails. This sets it apart from others as long as you don’t mind the extra step.
Countermail also uses diskless mail servers, which means they cannot save or record any data. So even if a request came in from a government agency, there is nothing for them to provide.
Another reputable secure email provider is Mailfence. Based in Belgium, this service is also highly regarded and secure. Like Kolab, Mailfence also offers document storage, contact hosting, calendar syncing and a range of other services. It also offers free and premium accounts with different feature levels.
The service uses end to end encryption with two-factor authentication. It also has iOS and Android app compatibility and will work with most browsers.
Posteo.de as the URL suggests is a German secure email provider. That said, the English translation is excellent and American users would have no problem using the service. It isn’t free, costing around $1 per month for 2GB of mail storage. However it does have IMAP and POP support, comes with two-factor authentication and allows anonymous signup. However, you can still be identified by your payment method unless you use cash.
That said, this is mature service that is easy to set up and use and touts sustainable operation if you’re into that kind of thing.
LuxSci is a U.S. based secure email provider that offers both free and paid accounts. It has an advantage in that it also offers HIPAA-compliant email and messaging, which could be useful for company customers. The service uses end to end encryption, anonymous SMTP protocols, TLS, SSL and all the usual tools. There is two-factor authentication too for a little extra protection.
LuxSci works with iOS and Android too for maximum flexibility. As this service is primarily for business, there are premium services available as well as email. It’s a good option for small to medium-sized enterprises who want to keep their data safe.
Our final offering is from SCRYPTmail. It offers end to end encryption, including metadata, Grade A HTTPS transport, uses AES-256 encryption and a series of open source encryption protocols. It will also play nicely with external email users and will keep everything safe if you tick the box.
It does look like SCRYPTmail is based in the U.S. but it uses strong encryption to keep it as safe as possible.
Each of these secure email providers takes great care in protecting your data. Some make more of a song and dance about being outside the U.S. but this isn’t the only security consideration you need to take into account. What you do need to analyze is the amount and type of data the company retains, whether it uses true end to end encryption, what kind of encryption it uses and whether it has two-factor authentication or not.
It is also useful is the service offers encrypted email capability to non-customers. So if you send an email to Outlook or Gmail, encryption is still available. Be aware that if you pay for a service, you can be identified by your payment method unless you secure that too.
Do you already use a secure email service? Tell us about your experience below!