Popular, intuitive and feature rich as it is, Gmail is not without its flaws. Privacy concerns have, time and again, reared its head when it comes to most of Google’s web-based services, and Gmail, unfortunately, is no exception to that rule. The company has often had to face criticism for its alleged snooping on users’ emails to search for keywords that are then used for targeted – or as Google calls it, “contextual” – advertising. So, for those who feel uncomfortable using Gmail (or any of the other mainstream email services for that matter) because of privacy concerns, we have compiled a list of the very best encrypted email services with end-to-end encryption that you can use without worrying about any unauthorized entity getting their hands on your private conversations.
It’s important to remember here that Gmail also encrypts its emails, so any random hacker is unlikely to get access to your messages, but Google itself does have the keys to decrypt them, and as an U.S.-based company, will need to comply with the country’s laws and hand them over to law enforcement authorities should it receive a court order to that effect. Which is exactly why you may be better off using some of the services mentioned below if privacy is an overriding concern for you. So, without further ado, here are the 4 best email encrypted services you can use:
ProtonMail was founded at the CERN research facility in Switzerland back in 2013, but has only been available to the general public since last year, after having remained invitation-only for the first few years of its existence. It is, by far, the most popular encrypted email service available today, and you can access it either through the website on your browser or via the mobile apps that are available on both Android and iOS. The service supports end-to-end encryption, which means your messages are encrypted from the moment they leave your device to the moment they reach the intended recipient(s). The company claims to use secure implementations of AES, RSA and OpenPGP encryption algorithms, along with open source cryptographic libraries that have been vetted by eminent cryptographers and cyber security experts from around the world, which should greatly reduce the risk of backdoors from either cyber-criminals or government agencies with scant regard for personal privacy.
Not only does the service use end-to-end encryption of its emails, it also employs two-factor authentication and browser-side decryption, which means the emails are only decrypted locally on the client computer rather than on the company’s own servers. ProtonMail not only allows you to send emails to other ProtonMail account holders, but also to users outside the ProtonMail system, although, those are password-protected and can only be deciphered by using a unique key shared between the sender and the receiver. You can also set an expiration date for your mails so that the messages will be erased from the ProtonMail servers on a permanent basis after a pre-designated period of time.
However, for all its security, ProtonMail does have a few drawbacks that have held it back from becoming more popular than it currently is. First off, it doesn’t offer IMAP or POP3 access, which means you cannot view your ProtonMail messages in popular email clients like Microsoft Outlook and Mozilla Thunderbird. For the very same reason, you won’t be able to set up your ProtonMail client to send emails using any non-Proton email accounts either. While it is intended to be a security feature, the fact that the company doesn’t even offer support for the POP3 and IMAP protocols as an option is something that makes it difficult for many to switch over to ProtonMail for good.
Visit Website (Free, Premium plans start at $5 per month)
Lavabit is an open source, encrypted email service founded in 2004 by Leder Levison. The service is known to have been used by former CIA employee and NSA contractor-turned-whistleblower, Edward Snowden, who was accused of leaking classified information about U.S. government surveillance programs to the media. The service actually decided to shut down operations in August 2013 after deciding not to comply with a U.S. court order to hand over its SSL (Secure Sockets Layer) private keys to law enforcement agencies investigating the Snowden leaks. However, like a Phoenix from the ashes, Lavabit was resurrected earlier this year with a completely revamped architecture that addresses the issue that led to the service’s demise almost exactly fours ago.
In its latest avatar, Lavabit also comes with a whole bunch of security enhancements that makes the service more secure than ever before. First off, to address the SSL key issue, the company claims that it now stores its private keys in a tamper-resistant format that will destroy the message and the metadata associated with it, anytime it detects an attempted intrusion. Also, unlike in its first iteration, the company doesn’t even have access to the SSL keys for the messages being sent through its platform, which should further pacify users desperate to preserve their anonymity online.
What’s most intriguing, however, is the all-new DIME (Dark Internet Mail Environment) platform that the company promises to use for the redesigned end-to-end encryption of emails. The open source platform, developed largely by convicted hacker Steven Watt, aims to replace existing security protocols, OpenPGP and S/MIME. With DIME, you don’t just encrypt the message, but also get to obfuscate the metadata that includes other potentially-crucial information, like the identities of the sender and the receiver. Until recently, Lavabit 2.0 was only available to its original users who had lost access to their accounts after the service had shut down unceremoniously back in 2013, but the company has now opened up registrations to one and all.
Visit Website (Premium plans start at $30 per year)
Tutanota is one of the newer entrants into the world of encrypted emails, having entered the industry just a couple of years ago. However, within this short space of time, it has already become a respected name in the world of encrypted email services, and uses 2048-bit RSA keys for its end-to-end encryption and AES-128 protocol for transmission, ensuring the safety of your emails. Right off the bat, the service has a lot of similarity with ProtonMail. Like ProtonMail, Tutanota also offers mobile apps on Android and iOS, and like ProtonMail, you’ll get the option to use a free tier alongside paid services that come with more bells and whistles. However, while ProtonMail offers only 500MB of storage to its free users, Tutanota offers up to 1GB, which is certainly welcome. In case 1GB isn’t enough for you, you can always upgrade to the paid tier that will cost you just 12 Euros per year.
However, even though the service is largely similar to ProtonMail, including the interface design, there are also some major differences between the two. First off, the service doesn’t allow users to set timers for their messages to self-destruct, so unless done manually, the mails remain in the the company’s servers, even if in an encrypted form. Another point worth mentioning here is that it doesn’t allow non-paying users to create alias email addresses, although, paying users can create at least 5 or more, depending on the package chosen. On the plus side, though, Tutonata uses an open source encryption algorithm that’s licensed under GPL v3, and has been independently verified and vetted by cyber security professionals. Like ProtonMail, Tutanota also has its servers in Switzerland, protected by fierce privacy laws, and away from the reach of the NSA and the FBI.
Visit Website (Free, Premium plans start at 12€ per year)
Based on a custom Squirrel email interface, CounterMail is yet another security and privacy-focussed webmail service based out of Sweden. It is one of the oldest and most well-known encrypted email services around, and has been around since the nineties. Like its peers and competitors on this list, it also offers end-to-end encryption using OpenPGP, with SSL-MITM to prevent Man-In-The-Middle attacks. The service actually comes with a number of interesting and unique features that makes it stand out from the crowd. First off, CounterMail stores messages and other data in the memory (RAM) of the company’s live CD-powered servers, and not on any hard disk, so even computer forensics won’t be able to recover the data once lost. For an added layer of protection against keyloggers and brute force attacks, you can also buy yourself a USB dongle with your custom keyfile that needs to be used in conjunction with your password for a two-factor authentication.
Unlike some of the other services on this list, CounterMail doesn’t have a free tier. It does, however, come with a free one-week trial, after which, you’ll need to pay either $19 for 3 months, $35 for 6 months, or $59 for the whole year, depending on your requirements. It also accepts Bitcoin payments for added privacy and allows users to create aliases, so you’ll never require to reveal your true email ID if you don’t want to.
However, like any other secure email service available in the market today, CounterMail also has its own drawbacks. Not only is the price a bit on the higher side, but the problem with not using hard drives to store data is that you get meager amounts of storage space, irrespective of the plan you choose. While the 1-year plan nets you 500MB of storage, the other two gets you just half as much. You can, of course, buy extra storage, but you’ll have to pay exorbitant prices for similarly bite-sized storage options.
Visit Website (Premium plans start at $19 for 3 months)
Best Encrypted Email Services You Should Use
There are a number of other services that claim to safeguard your mails with end-to-end encryption, but very few offer any real details about their data storage, encryption protocols and policies when faced with demands from law enforcement agencies and court orders to reveal user data. That being the case, it would probably be wise to stick to the tried and tested, rather than experiment with something new that may or may not prove to be the diamond-in-the-rough that you were hoping it would turn out to be.
Of course, most of us have very little to hide and would never really need anything with air-tight encryption, but that doesn’t mean we’re not entitled to our privacy. In case you’re particular about privacy but unwilling to leave the familiarity of your regular webmail provider, you may also install your own encryption software and send encrypted emails through services like Gmail or Yahoo Mail, but you’ll need to share your encryption keys with the intended recipient beforehand for that to work.