Note: This article refers to a feature that is not yet available on our mobile apps. If you edit contacts on the ProtonMail iOS or Android apps, encrypted fields will be removed as they are not supported for now.
What is encrypted?
The display name and default email address field within contacts are only encrypted at rest (e.g. ProtonMail has the ability to access this information). Having access to this information is essential for advanced features such as auto-complete in the composer, spam filtering and whitelists, filters and conversation/threaded view.
Users with paid ProtonMail accounts have the ability to store additional details within their contacts, such as the contact’s phone number or home address. This data is protected with zero-access encryption (meaning ProtonMail does not have the ability to view this information). You can store whatever information you would like in these encrypted fields, including email addresses. These is also a notes field that allows you to write any details you wish within a contact’s detail view.
Why is encryption important?
Contact information, in particular, contact details can be very sensitive. Any details saved inside the advanced contact fields (inside the box with the lock icon) is encrypted such that even ProtonMail cannot access this data and can never share it with any third parties.
Digital Signatures within contacts
Starting with Version 3.12 of ProtonMail, all contact data, including the Name and Email Address of the contacts are digitally signed with a special contacts private key linked to your account. This allows you to verify that your contacts have not been tampered with or edited by anyone while they were in transit between your device (laptop, mobile, etc) and ProtonMail’s servers. This also applies to ProtonMail itself, meaning that not only can ProtonMail not decrypt the contact information, we also cannot secretly tamper with any of the contacts data. Contacts which have been digitally signed and verified are denoted with a check mark.
Note, older contacts which existed in your ProtonMail account prior to 3.12 may not be digitally signed, and in this case, no check icon will appear.
If digital signature verification for a portion of contact data fails, the following warning will be displayed around that data:
This means that this contact data is not correctly signed with your current ProtonMail contacts private key. This is most often caused by a password reset, because the key that you previously signed your contacts with can no longer be decrypted, and has therefore been replaced by a new ProtonMail contacts private key. If you have not reset your password since adding this contact, a failure of signature verification may mean this contact data has been tampered with.
You can learn more about how digital signatures work here.
Search within contacts
At the top of the Contact page there is a search bar that allows users to search contacts. This search will only return results for information stored within the Name and Email Address fields, as the other fields are encrypted and inaccessible to ProtonMail. If you are looking for a specific piece of information within a contact’s detail fields, we recommend searching for the name of the contact and then clicking on the contact to see the encrypted details.
You can import contacts into ProtonMail by uploading a vCard or .csv file. Learn more here.
Within Contacts, you will see two option to export your contacts.
In the above screenshot you will see the option to export all of your contacts into vCard format by selecting Export on the left side of your screen.
To export individual contacts, select the Export icon to the left of the Save button within the Contact Details.
At this time, ProtonMail does not support duplicate detection or merging of multiple contacts into one. We recommend using the sorting functions within the contacts to sort based of the contact name of email address. This will allow you to quickly identify duplicate contacts that are displayed next to each other within the contact list. Functionality to merge duplicate contacts will be added in the future.
Unable to decrypt contact details?
If you reset your mailbox password, your contact details will remain permanently encrypted since you have changed the private key used to decrypt the contacts. We recommend exporting your contacts to keep a backup in case you ever lose your password. If your contacts have become permanently encrypted due to resetting your mailbox password, you will be able to import your contacts again from the export file you have backed up.