Email is full of private, personal, and everyday data. Letters to friends and colleagues, shopping receipts, calendar events, flight confirmations: email is a continuous stream of data. From days to decades, that everyday data adds up and tells a story. Most people think of their inbox as private, but it’s important to ask how this data is actually protected and who can access it.
An encrypted email app is one of the most powerful ways to secure your everyday data because it applies automatic encryption to every email you send and receive. It ensures that you are the only one with access to your inbox, and it lets you send emails that only you and your recipients can read. It’s a common misconception that this is how email already works, but the reality is that most regular email apps do not offer these basic security features. In this article, we’ll explain how an encrypted email app works, the ways it keeps your data safe, and its benefits over a regular email app.
What is an encrypted email app?
An encrypted email app is designed to encrypt your email while also letting you securely access that encrypted data. In every other respect, it works just like a regular email app. It has your inbox, drafts, sent message folder, address book, and everything else in your account. The only difference is that, in addition to these features, it provides encryption for the data in your mailbox.
Many people believe this is how email already works: that only you have access to your inbox and that an email can only be read by you and your recipient. Unfortunately, this isn’t how regular email apps operate. Most email providers can decrypt and access your email data. An encrypted email app ensures that only you can access and control your data.
How does an encrypted email app work?
An encrypted email app provides automatic encryption for your email. Encryption secures your data so that it can only be accessed by the people who sent or received that email. There are a lot of important reasons to use encryption to keep your data safe, but what does that access actually look like?
The short answer is that your personal encrypted email app handles the encryption and decryption process automatically so that you can send and read secure emails directly from your device. Whenever you check your mail, the app loads your encrypted inbox, decrypts it, and gives you access to your email. In the ProtonMail app, this process appears seamless and nearly instant, but the app is actually performing a highly secure verification check every time you launch it. Once complete, the app opens, and everything looks and feels just like a regular email app.
An encrypted email app ensures that only you can access your email. It encrypts your inbox, sent mail folder, and even your drafts. Emails sent between ProtonMail addresses are secured with end-to-end encryption (E2EE). These emails are encrypted by the sender’s encrypted email app to ensure that only you can access and open the message. Even emails received from other email providers will be stored in your ProtonMail account fully encrypted. The moment an email arrives, your encrypted email app encrypts the message so that the data in your inbox becomes inaccessible to anyone else, including ProtonMail. This is known as zero-access encryption.
While zero-access encryption might seem like a natural feature, most regular email apps have not adopted the practice. Most email services encrypt your emails on their server but using keys they control, meaning they can also decrypt your messages at any time. Once decrypted, those emails can be read, scanned, or copied. Even if you trust your provider to respect your privacy, it’s still a matter of security. Email providers can be compromised, servers can be hacked, and data can be breached. An encrypted email app ensures that your emails remain safe and in your control.
With a regular email app, it’s up to your email provider to protect your everyday data. Whether they respect your privacy or adequately protect your data is a matter of trust; with an encrypted email app, it doesn’t have to be.
How ProtonMail protects your everyday data
Email is everyday data that, by its nature, is shared. An encrypted email app keeps that data secure while also making it accessible to you and your recipients — and no one else.
Whenever you write to another ProtonMail account or use our app’s Encrypt for Outside feature, our encrypted email app utilizes E2EE. End-to-end encryption ensures that only you and your recipient can read and access that email. Again, this might seem commonplace, but this is not how regular email apps work. Most email services do not use end-to-end encryption. Without E2EE, your email provider can access unencrypted copies of your messages between your device and your email recipient. Your message may be encrypted and decrypted several times. Each time it is decrypted, the message can be scanned or read.
It’s common to think about email as if it were a letter sent by post: only readable once opened by the person it is addressed to. Without E2EE, it’s more like a postcard: your email provider can access any email on its servers at any point. Even worse, if those servers are compromised or hacked, that data becomes vulnerable.
With E2EE, your encrypted email app ensures that neither your email provider nor anyone else can access that data. Only you and your recipients can. E2EE brings email in line with how most people actually think about it: that your email should only be accessible by the people you’ve addressed it to.
The ProtonMail encrypted email app makes privacy the default
The Proton vision is to make privacy and security easy. To achieve this, encrypted security is at the core of our technology. ProtonMail is encryption made simple. Its design embodies three pillars to ensure your everyday private data stays secure:
- Encrypt as strongly as possible
- Encrypt with as limited access as possible
- Encrypt automatically
We want to give people a choice when it comes to their data. Privacy shouldn’t be something you labor over every day. With ProtonMail, privacy becomes an easy choice whose impact grows with each automatically encrypted message you send. Email shouldn’t be a hassle, and data security shouldn’t be something you need to constantly worry about. The ProtonMail encrypted email app takes care of privacy and security automatically so that you don’t have to.
An encrypted email app lets you send and receive private and secure mail. It encrypts your data so that it can only be accessed via the app. Your inbox is fully encrypted so that only you have access to it. You can also use the app to send end-to-end encrypted (E2EE) messages that only you and your recipients have access to.
Otherwise, it’s a regular email app that gives you access to your inbox and lets you write and receive messages.
An encrypted email app offers significant safety features over a regular email app. Using both zero-access encryption and E2EE, the app ensures that your email can only be read and accessed by the people who sent or received it.
While this might seem commonplace, it isn’t how a regular email app works. Most other email providers perform the encryption on their servers with access keys they control. Without E2EE, your email provider can decrypt and access the messages on its servers at any time.
The app works by encrypting and decrypting your email. With E2EE, for example, email can only be accessed by the people who sent or received it. The app encrypts the data in such a way that it can only be decrypted with encryption keys (i.e. your PGP private key) that you or your recipients access automatically through the app.
An encrypted email app is important for both privacy and security. It ensures your email provider cannot scan your email data to collect personal information. It also helps protect your emails from hackers and server breaches by ensuring your email provider doesn’t have a decryption key that could be stolen or misused.
Without E2EE, for instance, your emails might not be encrypted the entire time between your device and your recipient’s. Instead, that message can be encrypted and decrypted several times while on your email provider’s servers. Each time it is decrypted, it is possible for that email to be scanned, copied, or read.