How Switzerland's ProtonMail Delivers End-to-End Email Encryption

 
 
By Don Reisinger  |  Posted 2016-03-22
 
 
 
 
 
 
 
 
 
  • Previous
    How Switzerland's ProtonMail Delivers End-to-End Email Encryption
    Next

    How Switzerland's ProtonMail Delivers End-to-End Email Encryption

    As the controversy over email encryption continues to heat up, we look at key features of Switzerland's ProtonMail. Is end-to-end encryption the answer?
  • Previous
    It All Started in Switzerland
    Next

    It All Started in Switzerland

    ProtonMail is based in Switzerland, which has some of the most stringent data-protection laws in the world. As the company notes, the Swiss Federal Data Protection Act and Swiss Federal Data Protection Ordinance protect all data within the Alpine nation's jurisdiction. That means ProtonMail messages are beyond the reach of U.S. and even European Union investigative authorities and only Switzerland's courts could order the company to hand over data.
  • Previous
    Understanding End-to-End Encryption
    Next

    Understanding End-to-End Encryption

    ProtonMail has assured prospective users that its platform provides end-to-end encryption. End-to-end encryption means data is inaccessible to third parties from the moment it's sent to the moment it's received and read. The only way to read that data would be to have full control of a user's account and the messages it contained. Without end-to-end encryption, ProtonMail would be just another email service.
  • Previous
    Every User Can Be Anonymous
    Next

    Every User Can Be Anonymous

    To add an even higher level of security, ProtonMail says that users are not compelled to input any information about themselves to sign up for an account. Users can simply request a ProtonMail account and start sending messages. At no point will ProtonMail ask for personal information or house it in its servers.
  • Previous
    The Service Is Free
    Next

    The Service Is Free

    Like many startup email platforms, ProtonMail is completely free. In addition, ProtonMail has reassured its "community" that it will keep its platform free forever. However, there are some limitations to the free version, including a 500MB storage limit and restricting users to sending just 150 messages per day.
  • Previous
    But ProtonMail Hopes Users Support the Platform
    Next

    But ProtonMail Hopes Users Support the Platform

    Although ProtonMail is free, the company has paid versions for those who want more features. ProtonMail Plus comes with 5GB of storage and allows users to create their own custom domains. It also supports up to 1,000 messages per day. It costs 5 euros, or $5.63, per month. Another version, called ProtonMail Visionary, is available for 30 euros, or $33.80, per month. That service offers up to 20GB of storage, 10 custom domains and 50 email addresses. It also doesn't limit the number of messages that can be sent and received each day.
  • Previous
    ProtonMail Promises to Work Anywhere and Everywhere
    Next

    ProtonMail Promises to Work Anywhere and Everywhere

    ProtonMail says that its email application can work anywhere and everywhere. The company now offers downloadable iOS and Android applications, but an Internet-based application can work across Windows, Macs, Linux and any other platform, the company says. As long as a user can access the Internet, ProtonMail should work.
  • Previous
    ProtonMail Asserts There Are No Backdoors to Its Encryption
    Next

    ProtonMail Asserts There Are No Backdoors to Its Encryption

    ProtonMail has provided some insight into how it encrypts messages. Most importantly, the company uses open-source cryptography libraries, so at any time, users can be reassured that the algorithms it uses "do not have clandestinely built-in backdoors." All messages rely on AES, RSA and OpenPGP for encryption.
  • Previous
    What About Other Email Platforms?
    Next

    What About Other Email Platforms?

    Interestingly, ProtonMail doesn't just provide end-to-end encryption between its own users. In fact, if a ProtonMail user sends a message to someone who uses Gmail, for example, the message is still secure. ProtonMail achieves that by sending to the non-ProtonMail recipient a link rather than the actual message. When the email recipient user opens the link, the encrypted message is opened in the browser and can be decrypted with a passphrase separately provided by the sender.
  • Previous
    Support for Self-Destructing Messages
    Next

    Support for Self-Destructing Messages

    Given its commitment to privacy, it's perhaps no surprise that ProtonMail comes with self-destructing messages. Users can set an expiration time on an email they've sent. Once that time has come, the message will be automatically deleted from the recipient's inbox. According to ProtonMail, it works with both ProtonMail inboxes, as well as emails sent to other email services.
  • Previous
    ProtonMail Is Serious About Hardware Security
    Next

    ProtonMail Is Serious About Hardware Security

    While the software security sounds solid, what about the other side: hardware? Well, it sounds like ProtonMail has that covered. The company owns and controls its own server hardware at several locations around Switzerland. Most importantly, the data never finds its way to the cloud, where it could be hacked, and the company's primary data center is "under 1,000 meters of granite rock in a heavily guarded bunker which could survive a nuclear attack." All of the company's servers use fully encrypted hard disks and "multiple password layers."
 

Privacy advocates, such as Apple, argue that individual privacy is a right, and therefore, encryption is critical to defend that right. However, law-enforcement officials say that although encryption is a useful privacy tool, it can impair their ability to uncover dangerous criminal activities and even terrorist conspiracies. While debate rages over which side is correct, ProtonMail is decidedly in Apple's camp. ProtonMail, developed by a team of computer scientists and software developers, is an email application designed to secure communication from one end to the other. ProtonMail uses encryption that's strong enough to make it impossible for anyone, including ProtonMail itself or law enforcement, to access the content of those messages. Moreover, the company doesn't requires new users to enter personal information to set up an email account. Along the way, it incorporates typical user-friendly email features users have come to expect from other online services, such as Gmail. Read on to learn more about ProtonMail's features and what the company does to keep communication safe.

 
 
 
 
 
Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis' Gearlog.com. Since then, he has written extremely popular columns for CNET.com, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at http://twitter.com/donreisinger.
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel