Are you tired of hearing about data security breaches? Have you had enough of knowing that companies like Google, Facebook, and many others, continue to sell your private information to advertisers and make billions each year?
It’s time to consider ProtonMail, which promises both zero-access and end-to-end encryption to protect your data. Once only for CERN scientists, the Swiss-based email service is now used by millions of people across 150 countries.
What is ProtonMail?
Before discussing ProtonMail, it’s important to understand email systems, in general.
Cloud-based email services have been around for decades. Though features might differ, each operates in similar ways. Through computers or mobile devices, end-users can send emails to others all around the world. As part of the process, these emails and their attachments are kept somewhere in a cloud, which is neither an actual cloud or located in the sky. Instead, the emails are stored across server farms along with those of millions of other users.
Most email services are provided for free. Despite this, the expectation has always been that companies are trying their best to protect our data from wandering eyes. Unfortunately, data breaches have become commonplace affecting billions (yes, billions) of users.
The largest data breaches in recent years have occurred at some of the biggest names in Silicon Valley. In the past two years alone, personal data collected by Facebook from nearly 592 million users were exposed through various breaches. A 2018 security breach at Google was so bad it forced the technology giant to shut down its social network, Google Plus. A few years earlier a Yahoo breach affected 3 billion users!
With trust in big brand technology companies steadily eroding, companies like ProtonMail are hoping to pick up the slack and offer something different. ProtonMail offers two types of email encryption, depending on your situation.
The first, zero-access encryption, occurs when a non-ProtonMail user sends an email to someone who uses ProtonMail. In this case, let’s say the email came through Gmail. Here, the mail is encrypted using a ProtonMail public encryption key that’s explicitly tied to that user. In other words, the user is the only one who can decrypt the message. (Even ProtonMail can’t do this.)
End-to-end encryption, by contrast, occurs when both the sender and recipient use ProtonMail. Under this scenario, email is encrypted on the sender’s device using a public encryption key of the recipient before being transferred to a ProtonMail server and the recipient. The message is already encrypted before it reaches the server and only the sender and the recipient can decrypt the email.
With either type of encryption, your data is secure and emails cannot be shared with third parties. Better still, no personal information is required to create a secure email account using Proton. By default, the company doesn’t keep any IP logs which can be linked to your anonymous email account. Additionally, ProtonMail supports two-factor authentication (2FA), which protects your account with an additional unique code generated on a mobile app.
How Much Does ProtonMail Cost
Because ProtonMail doesn’t rely on selling your personal information to make money, you might assume ProtonMail is expensive. It’s not, however. Designed and maintained by open source code, ProtonMail offers accounts for free. You can support the project, however, by upgrading to a paid account or donating.
Of the open source code, ProtonMail explains:
We use only secure implementations of AES, RSA, along with OpenPGP. Furthermore, all of the cryptographic libraries we use are open source. By using open source libraries, we can guarantee that the encryption algorithms we are using do not have clandestinely built in back doors. ProtonMail’s open source software has been thoroughly vetted by security experts from around the world to ensure the highest levels of protection.
A free ProtonMail account offers 500MB of storage with one email address. For this, you can send/receive 150 messages a day and use up to three folders and labels. A Plus account, which is the one I use, offers 5GB of storage, five addresses, and 1,000 messages per day. You can use 200 folders and labels. There’s also professional and so-called visionary packages available. You can pay for your paid accounts on a monthly or yearly basis with discounts available for the latter.
One of the benefits of purchasing a paid ProtonMail Plus account is flexibility. You can adjust both your amount of storage and email addresses at any time. There’s also ProtonVPN, which you can purchase separately to encrypt your internet connection.
You can access your ProtonMail account(s) through iOS and Android apps and on the web. Before you do so, I suggest setting up your free pm.me email address. You can create the easier-to-share pm.me email address in the web version of ProtonMail. For example, my ProtonMail addresses are both “firstname.lastname@example.org” and “email@example.com“. Email sent to each goes to the same location. All ProtonMail users can receive mail at their @pm.me email address, but sending from @pm.me addresses is limited to paid users only.
The ProtonMail interface, regardless of platform, features a modern inbox design that’s optimized for productivity. You’ll see folders for the inbox, drafts, sent, starred, archive, spam, trash, and all mail. You can also store contacts, and add folders and labels for customization. Changes made on one platform are kept across all platforms, including web, iOS, and Android. For added customization, you can add signatures and change message swipe actions on mobile. By default, a swipe left to the right sends an email to trash, while a swipe right to the left goes to spam.
There are other reasons to consider ProtonMail, starting with where the company is located. As a Swiss-based company, ProtonMail is outside both US and EU jurisdiction which means only a court order from the Cantonal Court of Geneva or the Swiss Federal Supreme Court can compel it to release the extremely limited user information it maintains.
ProtonMail also includes the ability to set an optional expiration time on emails. When activated, this option automatically deletes emails from a recipient’s inbox once they have expired. Better still, this technology works for both emails sent to other ProtonMail users, and encrypted emails sent to non-ProtonMail email addresses.
Even a year ago, I probably won’t have considered using an email system like ProtonMail. However, with data breaches on the rise, I finally took the plunge. So far, I’m glad that I did. ProtonMail comes highly recommended.