End-to-End Encryption

Messages are encrypted at all times

Messages are stored on ProtonMail servers in encrypted format. They are also transmitted in encrypted format between our servers and user devices. Messages between ProtonMail users are also transmitted in encrypted form within our secure server network. Because data is encrypted at all steps, the risk of message interception is largely eliminated.

Zero Access to User Data

Your encrypted data is not accessible to us

ProtonMail’s segregated authentication and decryption system means logging into a ProtonMail private email account requires two passwords. The first password is used to verify the identity of the user. After that, encrypted data can be retrieved. The second password is a decryption password which is never sent to us. It is used to decrypt data on your device so we do not have access to the decrypted data, or the decryption password. This means we cannot hand over your data to third parties. For this reason, we are also unable to do decryption password recovery. If you forget your decryption password, we cannot recover your data.

End-to-end encryption means that no one but the intended recipient can read the message

Open Source Cryptography

Time-tested and trusted encryption algorithms

We use only secure implementations of AES, RSA, along with OpenPGP. Furthermore, all of the cryptographic libraries we use are open source. By using open source libraries, we can guarantee that the encryption algorithms we are using do not have clandestinely built in back doors. ProtonMail's open source software has been thoroughly vetted by security experts from around the world to ensure the highest levels of protection.

Learn about ProtonMail and Open Source
By using open source encryption libraries, we can help guard against back doors designed to compromise your privacy.

Swiss Based

Incorporated in Switzerland

All user data is protected by the Swiss Federal Data Protection Act (DPA) and the Swiss Federal Data Protection Ordinance (DPO) which offers some of the strongest privacy protection in the world for both individuals and corporations. As ProtonMail is outside of US and EU jurisdiction, only a court order from the Cantonal Court of Geneva or the Swiss Federal Supreme Court can compel us to release the extremely limited user information we have.

Learn more

Hardware Level Security

Full disk encryption and storage in secured datacenters

We have invested heavily in owning and controlling our own server hardware at several locations within Switzerland so your data never goes to the cloud. Our primary datacenter is located under 1000 meters of granite rock in a heavily guarded bunker which can survive a nuclear attack. This provides an extra layer of protection by ensuring your encrypted emails are not easily accessible to any third parties. On a system level, our servers utilize fully encrypted hard disks with multiple password layers so data security is preserved even if our hardware is seized.

All ProtonMail servers and network traffic are encrypted


No tracking or logging of personally identifiable information

Unlike competing services, we do not save any tracking information. By default, we do not record metadata such as the IP addresses used to log into accounts. As we have no way to read encrypted emails, we do not serve targeted advertisements. To protect user privacy, ProtonMail does not require any personally identifiable information to register.

  • Self Destructing Messages

    With ProtonMail, emails are no longer permanent

    You can set an optional expiration time on ProtonMail’s encrypted emails, so they will be automatically deleted from the recipient’s inbox once they have expired. This technology works for both emails sent to other ProtonMail users, and encrypted emails sent to non-ProtonMail email addresses. Similar to SnapChat, we’ve added a way for you to have ephemeral communication.

  • SSL Secured Connections

    Swiss SSL to secure your connection

    We use SSL to secure communication between our server and your computer. Message data between our server and your computer is already sent encrypted, but we use SSL to add another layer of protection and to ensure that the web page your browser loads is not tampered with by a third party intercepting your traffic in a MITM (Man in the Middle) attack.

    Our SSL certificate authority (CA) is SwissSign, a subsidiary of Swiss Post (a public institution owned by the Swiss Confederation and not under the control of US or EU governmental agencies). To allow extremely security conscious users to further verify that they are in fact connecting to our server, we have also released the SHA1 hash for our SSL public key.

Securely communicate with other email providers

Even your communication with non-ProtonMail users can be secure

We support sending encrypted communication to non-ProtonMail users via symmetric encryption. When you send an encrypted message to a non-ProtonMail user, they receive a link which loads the encrypted message onto their browser, which they can decrypt using a passphrase that you have shared with them. You can also send unencrypted messages to Gmail, Yahoo, Outlook and others, just like regular email.

Easy to Use

Comprehensive Security for Everyone

We created ProtonMail because we found that none of the existing secure email services available today are sufficiently secure. However, a secure service like ProtonMail cannot improve the security landscape if it is so difficult to use, nobody can use it. From the start, we designed ProtonMail with a strong emphasis on usability. As a result, ProtonMail is very easy to use. There is nothing to install, and no encryption keys to manage, if you can use Gmail, Thunderbird, or Outlook, you can use ProtonMail.