What Is Secure Email and How It Works?
Back when email entered limited use in the 1960s and 1970s, security wasn't anyone's top priority. Today, our security requirements are radically different, yet email hasn't changed all that much. The internet email message format, as it's defined by RFC 5322, specifies a syntax for text messages that are sent between computer users, but it doesn't deal with encryption or any other means of preventing unauthorized access to personal information exchanged via email.
Over the years, many technical workarounds to ensure better privacy of email communication have been implemented by email providers, and several secure email services have emerged, offering high levels of privacy and security.
All best email service providers today have implemented transport level encryption using TLS, which is a cryptographic protocol that provides communications security over a computer network. Without TLS, the communication between email servers is transmitted as plain text, and anyone with relatively rudimentary knowledge of computer networks can intercept it and read it.
However, most secure email providers go a step further and offer full end-to-end encryption, meaning the data is encrypted and decrypted only at the endpoints. In practice, end-to-end encryption allows you to encrypt an email at your end and send it to someone using a secure email service without any possibility of the email being decrypted by the secure email service.
The most popular data encryption standard that allows anyone to send and receive end-to-end encrypted email messages is OpenPGP. If you're wondering how to send a secure email using OpenPGP, we recommend you read this excellent tutorial from The Privacy Guide.
But you can also skip the reading because most free secure email providers make end-to-end encryption incredibly easy by hiding all the complicated technical stuff behind an intuitive user interface. In the next part of this article, we talk about 6 most secure email providers and the services they offer.
6 Most Secure Email Providers
If you're curious to know what is the most secure email provider today, our answer may disappoint you: there's none. Secure email service providers generally keep quiet about their low-level security practices to make it harder for cybercriminals and professional hackers to breach their systems.
The only way how to reliably assess how secure an email provider is to look at its security history. We've selected 6 best secure email providers with flawless security track records that allow you to send secure email messages with ease while charging very little for their services.
ProtonMail was founded in 2014 at the CERN research facility by Andy Yen, Jason Stockman, and Wei Sun. This highly rated provider of secure email services is based in the Canton of Geneva, and its servers are located at two locations in Switzerland and protected by strict Swiss privacy laws, placing them outside the reach of both EU and US.
All emails that come through ProtonMail are secured automatically with end-to-end encryption, which means that even ProtonMail can't read them. To create a secure email account with ProtonMail, you're not required to submit any personal information, and ProtonMail doesn't even keep any IP logs which could be linked to your anonymous email account.
- Open source
- No-logs policy.
- Lacking customer service.
Headquartered in Canada, Hushmail was founded by Cliff Baltzley in 1999 as an encrypted proprietary web-based email service offering PGP-encrypted email using OpenPGP standards. Today, Hushmail serves both business customers and individual home email users. Hushmail has recently released an app for the iPhone. The app supports two-step verification, Touch ID, and multiple accounts and aliases, making it one of the most secure email clients for iOS.
Hushmail is known for occasionally being inaccessible. If you don't intend to use it as your primary email, you will most likely never even notice when it's down. However, it's stability issues could quickly become annoying when relying on it as your only email provider. What could also become a problem is how limited free users are in terms of storage space. Without upgrading to a premium subscription, you only get 25 MB, and that's really not a lot in this day and age.
- Touch ID support on iOS
- Auto-reply and auto-forwarding.
- Occasionally inaccessible
- Only 25 MB of email storage.
Tutanota (Latin for the words "secure" and "message") is an open-source end-to-end encrypted email service from Germany with over 2 million users. Tutanota automatically encrypts all your data on your device, ensuring that your mails, as well as your contacts, stay private. We like that Tutanota is licensed under GPL v3 and hosted on Github, so everyone can see the source code, review it, and even modified it for use in other projects.
We like that the free version of Tutanota includes 1 GB of email storage, but we don't like that the cheapest premium plan also includes just 1 GB. If you want more space than that, you have to purchase the Pro plan for 60 EUR a year (or 6 EUR monthly), which will get you 10 GB. In addition to the extra storage space, you'll also get access to more customization options and priority support.
- 1 GB of storage for free
- Strong security policies
- Licensed under GPL v3.
- Doesn't support PGP
- Extra storage is expensive.
CounterMail's mission is to provide the most secure email services on the Internet, with excellent support and at no cost at all. CounterMail is known for its absolute transparency and automatic end-to-end encryption that relies on OpenPGP with 4096 bits encryption keys. Unlike many other providers of private email services, CounterMail's servers are diskless, which means they don't have any hard drives capable of storing users' data. Instead, the servers start from a CD-ROM.
CounterMail is based in Sweden, a country that falls under the jurisdiction of 14 Eyes. Swedish authorities could potentially legally force CounterMail to provide full access to its servers, so it's good news that users have the option to delete their private keys from CounterMail's servers and store them locally on their computers. Without this option, CounterMail wouldn't make it on this list of the most secure email providers.
- Diskless servers
- Stores credit card information for 14 days
- Based in Sweden.
Mailfence is an encrypted email service that offers OpenPGP based end-to-end encryption and digital signatures. It was launched in 2013, with the first public beta version being made available in 2016. Mailfence benefits from the strength of Belgian privacy protection law, and the service promises that it doesn't use any third-party advertising or marketing trackers. It's also completely free from ads and supported by financial donations and money from premium plans, which include large storage space but the same level of security as the free plan.
When it comes to user interface, the latest version of Mailfence shares many similarities with Microsoft Outlook, and it provides multiple email-related services to help you manage your digital life, including contacts, calendars, and document storage. The business version of Mailfence can be heavily customized to meet the unique needs of each and every customer, making it a solid choice for privacy-conscious businesses.
- Includes a calendar and document storage space
- Accepts cryptocurrencies.
- Not open source
- Based under the jurisdiction of 14 Eyes.
Librem Mail is the newest addition to the Libre One, a growing suite of privacy-respecting services from Purism. This End-to-end encrypted email is based on K-9 Mail, a popular email application for Android, which was available as Free/Open Source Android Software under the Apache License version 2.0. Librem Mail shares the rather spartan user interface of K-9 Mail and combines it with OpenPGP to create a brand-new secure email service.
Unfortunately, it's still very evident that Librem Mail is the new kid on the block because it crashes often and catastrophically. Unless you're already using the Libre One bundle, we recommend you wait a while until its developers fix some of the more obnoxious bugs.
- Uses OpenPGP
- Based on K-9 Mail.
- Lacks polish
- Crashes often.
How Can Clean Email Help?
Clean Email is an intuitive inbox cleaner that knows how to stop spam emails from occupying pression space in your inbox. You simply sign in with your free or paid email service, let Clean Email group your emails into convenient bundles using its privacy-conscientious algorithms that analyze only email headers and never the content itself, and then apply a number of different actions to easily remove, move, add labels to entire groups of emails.
You can also tell Clean Email to apply certain actions automatically, which is a very effective way how to block unwanted emails or ensure that only the most important emails remain visible in your inbox. For example, you can mark certain emails as read, move them to your email archive, or delete them.
Privacy Guard by Clean Email is a comprehensive safety net, which regularly checks your email against known data breaches and security incidents. If there are emails that meet the parameters of known data breaching incidents, Privacy Guard will let you know. Once you’re notified of the issue, Privacy Guard will suggest you change your password to maintain the security of your account.
In the event of a potential breach, you should always change your passwords and enable two-factor authorization as soon as possible.
Using this system and maintaining a close connection with third-party auditors has ensured that Clean Email has never had a security incident to date. We continue to maintain safety by undergoing independent security assessments, in addition to the safety protocols Clean Email employs daily.
Even though email was not designed with security and privacy in mind, there are many secure email services that offer user-friendly implementations of end-to-end encryption. There's also Clean Email, a sophisticated yet ease-to-use inbox cleaner that can protect your from spam and other unwanted messages with its extensive Automation features and help you keep your inbox organized with its intelligent email recognition algorithms.
Most Secure Email Providers - FAQs
Is Gmail a secure email?
Gmail is a moderately secure email. The system uses TLS (Transport Layer Security) to protect user messages. However, this email system only protects your email while transferring data while your emails rest using 128-bit encryption. Gmail does offer many different ways to fortify your account, such as adding better encryption, strong password, and two-step verification.
Is ProtonMail safer than Gmail?
Yes, ProtonMail is safer than Gmail. ProtonMail automatically secures your email interactions with end-to-end encryption. While Gmail only uses a TLS cryptographic protocol, ProtonMail uses a pair of RSA keys specific to your ProtonMail account. With this type of encryption, not even ProtonMail can access your messages.
Can ProtonMail be hacked?
In short, yes, your ProtonMail can be hacked. However, if your ProtonMail account does get hacked, chances are, it will not affect your user data. The reason is ProtonMail's end-to-end encryption and zero-access encryption. While there is always going to be a threat, there are multiple steps to a successful hack. Fortunately, ProtonMail can thwart hacking attacks before they gain any useful information, even if they initially gain access to your account.
What is the most secure free email account provider?
ProtonMail is the most secure free email account provider. This safety is due to the service provider offering end-to-end encryption, but it also has to do with the physical location of the ProtonMail headquarters in Switzerland. The reason this is important is that Switzerland has extremely strict privacy laws. Therefore, in addition to ProtonMail’s exceptionally precise encryption, the privacy laws protect users from both American and European hackers.
Who has the most secure email?
Whether you’re paying or using the free service, ProtonMail remains the most secure email service. Forbes hailed ProtonMail as “The Only Email System The NSA Can’t Access.” Yet, Forbes is not alone in their praise of ProtonMail and its high security. There are plenty of reputable news sources in the tech and business sector that are impressed by the level of protection that ProtonMail provides users. If you decide to pay for ProtonMail, you can also take advantage of multiple email addresses, a VPN with the same security as the email service, and even a cloud service.