A secure mail is an electronic message that has been encrypted to protect its content from being read by anyone other than the intended recipients. Secure mails are also known as encrypted mails. Regular emails are transmitted in the clear (unencrypted), which means that the message can be intercepted and viewed by third parties.
Every year, millions of records are being leaked or lost to cyber security breaches and about 96% of these records weren’t encrypted. Intercepting unencrypted mails is relatively easy and hackers are able to break in, steal staff identities, and mine valuable trade secrets.
Email is a relatively old technology compared to modern team communication tools, and it has technical limitations that make its age a real barrier to security. On the bright side for the four billion email users, developers and security researchers are consistently coming up with ways to improve on this old technology for it to be viable and safe in the age of rapid and intelligent attacks.
Features of secure email services
Most people already use Gmail or Outlook, and while there’s nothing really wrong with them, they aren’t really safe. Gmail provides basic encryption but that alone isn’t enough to counter professional hackers. These holes in common email services pose no threat to the average user but are highly detrimental to people who transfer highly confidential data. For example, a normal user won’t really mind having their server location exposed but to an activist who can reasonably expect their communications to be subpoenaed by the government, this is a major threat.
Different people require different levels of security for their emails. If you are interested in getting a secure mail or you just want to know about it, this next section contains the features you’ll often find as part of secure email.
End-to-end encryption
Encryption is a method of obscuring data by making it impossible to read without a code or an encryption key. By sending an email over an encrypted network, you are basically scrambling the plain text content of the email so it’s impossible to read without an encryption key, which functions like a password.
End-to-end encryption means putting information under a tightly encrypted lock until it is opened up by the receiver. Uploading information on an end-to-end encrypted email service automatically generates an encryption key that’s unique to your account. When information is sent, the server gives the recipient the encryption key so they can access the information, making it impossible for hackers and the government to see the contents of the mail. This process all happens in the background for end-to-end encrypted tools.
Encryption can be resource-intensive to implement but it’s almost 100 percent guaranteed to hide your emails. Today, end-to-end encryption has become standard thanks both to messaging apps like WhatsApp and to the public’s increased paranoia after incidents like Snowden’s NSA leaks, which revealed the extent to which world governments monitor their citizens. Even Google’s systems weren’t safe from prying eyes.
PGP encryption
Pretty Good Privacy (PGP) is a system that was designed in the early 1990s as a way to guarantee the security and privacy of email communications over insecure networks. PGP involves the use of private and public key pairs, and is implemented today in secure communications tools like ProtonMail and Signal.
Emails encrypted with PGP use a public key like a padlock to secure the contents, in addition to using your password to authenticate with your email service. With this, the message cannot be intercepted; the receiver then uses their own private key to unlock the padlock and read the message. These keys are simply long strings of text that function like passwords.
Two-factor authentication
Two-factor authentication makes a cracked password useless and the hacking process exponentially more difficult by adding an extra layer of security. Two-factor authentication requires two forms of verification: something you know (like a username and password) and something you have (like your mobile phone or a backup key).
This makes your security rely on two pillars rather than just a password. A vast majority of hacks around the world are done by accessing a user’s password. Two-factor authentication increases security because the likelihood of a hacker having access to both your password and your phone or physical backup is vastly lower.
This method is augmented in a number of ways but the one-time token is the most common. By using the Google app to sign in from a new computer, you’re sending a unique token to the server that can be used only once. This unique token can also be sent through an SMS, which does not require Gmail. This makes it easier to recover your account if you lose access.
Open source
Open source software is basically software that makes its source code available for users, developers, and the community to inspect and improve, like Google’s Android and Mozilla Firefox. Closed source software, like Microsoft Outlook, comes packaged as an executable file and can’t be inspected or audited.
Closed source software does not necessarily mean your information is insecure; it just means that you are putting faith in the developers to make a secure service, and this is not always the case.
However, with open source software, you don’t have to worry, because it is developed with complete transparency; that’s how such projects thrive and improve. All their bugs are made public and large projects are fixed by thousands of dedicated debuggers.
Metadata handling
Information about your computer, web browser, network, and recipient is always broadcast when an email is sent. It is stored in the email header as metadata and can be viewed by anyone. Metadata contains little information, but in the wrong hands it can easily be used to rip you off.
With the tiniest sample of metadata, hackers can gain an intimate lens into a person’s life. They could understand your routines and call patterns. A proper secure mail provider should strip header metadata out and collect as little data as possible about its users to protect their privacy.
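To make the header metadata concrete, the following added example (not code from this page or from any provider) audits a constructed message for headers that reveal the sender's client and network, then strips them the way a privacy-focused provider might. The header list in `REVEALING`, the sample message, and the function names are assumptions chosen for illustration.

```python
from datetime import timezone
from email import message_from_string, policy
from email.utils import format_datetime

# Headers that commonly reveal client software, network location or routing.
# This selection is an assumption for the example, not a provider's real list.
REVEALING = ("received", "x-originating-ip", "user-agent", "x-mailer",
             "x-forwarded-for")

# Constructed sample message; the IP is from a reserved documentation range.
RAW = """\
Received: from laptop.home.example (unknown [203.0.113.24])
\tby smtp.mail.example with ESMTPSA; Tue, 05 Mar 2024 08:14:02 +0000
X-Originating-IP: [203.0.113.24]
User-Agent: Mozilla Thunderbird 115.8 (Windows NT 10.0)
X-Mailer: ExampleMail 4.2
From: Alice <alice@mail.example>
To: Bob <bob@other.example>
Date: Tue, 05 Mar 2024 09:14:01 +0100
Message-ID: <1234@laptop.home.example>
Subject: Quarterly numbers

See attachment.
"""

def audit(raw: str) -> dict:
    """Return the revealing headers present in a message, with their values."""
    msg = message_from_string(raw, policy=policy.default)
    return {name: str(value) for name, value in msg.items()
            if name.lower() in REVEALING}

def strip_metadata(raw: str) -> str:
    """Drop revealing headers and rewrite Date in UTC to hide the time zone."""
    msg = message_from_string(raw, policy=policy.default)
    for name in REVEALING:
        del msg[name]  # removes every occurrence; no error if absent
    if msg["Date"] is not None:
        utc = msg["Date"].datetime.astimezone(timezone.utc)
        msg.replace_header("Date", format_datetime(utc))
    return msg.as_string()

if __name__ == "__main__":
    for name, value in audit(RAW).items():
        print(f"leaks: {name}: {value}")
    print(strip_metadata(RAW))
```

In this sample the Message-ID still carries the sending host name, so a full implementation would regenerate it as well.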
Here are some of the best secure mail providers