Privacy Canada is community-supported. We may earn a commission when make a purchase through one of our links. Learn more.

Most-Secure Email Service Providers (2019)


Ludovic Rembert —

Last Updated on

There have been countless privacy scandals over the past few years involving large email providers. This has led many people to look for the best secure emails that will allow them to freely communicate with others and at the same time protect their privacy as a user.

Why You Need Your Emails Encrypted

You might ask, is it really necessary for me to encrypt my emails? Or is this much ado about nothing? Look at what’s happened over the past couple of years and judge for yourself.

encrypted-email-iconGmail was recently caught giving third parties complete and full access to its user’s emails. This means that if you used Gmail during the time this scandal was unfolding, the emails you thought were private may have ended up in the hands of individuals who wanted to use them for their own reasons. If you are comfortable with that, then maybe you don’t need to encrypt your email.

Declassified documents showed that Yahoo, AOL, Google, Microsoft, and Apple have all allowed US surveillance agencies to be able to monitor live communication and store information on their servers.

So we have Yahoo, AOL, Apple, Google, and Microsoft, all of the big players in email, willingly sharing your private information with advertisers, marketers, and the government. This is why, if you want to keep your emails private, you need your emails encrypted. Remember, when you use “free” email providers, it is likely that you are what is being sold to others.

Thankfully, there is a simple solution. Use a secured email provider. Let’s take a look at a few of the options that are available with the goal of helping you select the one that is right for your needs.

1. ProtonMail – The Most Well-Known Email Service Provider

ProtonMail was founded by Dr. Andy Yen. Prior to founding this company, he worked as a researcher at CERN. ProtonMail is based on the idea of building an Internet that protects user’s privacy, starting first with email.

The engineers and scientists who work for this Switzerland-based company have a singular vision of protecting people’s civil liberties while online. For this reason, they created an easy to use email service that has built in end-to-end email encryption.

ProtonMail’s commitment to privacy is seen as soon as you set up your account. You are not asked for personal information. You just need to select a username and password.

This is a free email account, so it does not have a lot of the functionality you might get with other email services.

protonmail inbox

Your attachment limit is 25 MB. Attaching images is easy and fast. As you send or receive emails, ProtonMail automatically stores the contact information in your address folder. You are able to upload contacts from other programs. However, there is not a direct way to connect contacts to social media or other email accounts. You will need to create a.CSV or.VFC file and then upload them to your account.

If you forget your password and you need to reset your account, you can do so. However, any emails that were already in your inbox or in your saved folders before you reset your password are gone. There is no way that you will ever be able to recover them.

Pros:

  • Easily send encrypted email messages
  • Uploads attachments up to 25 MB quickly
  • Free

Cons:

  • If you forget your password, you will need to reset your account. Any emails previously stored or received will be locked away. You will no longer be able to access them.

2. Mailfence – End-to-End Encryption + Digital Signatures

Mailfence is a Belgian-based company that was launched in 1999. Their goal is to help users reclaim their secure email privacy. To accomplish this goal, they found SSL certificates that had no American certification authority. They developed a unique inter-operable end-to-end encryption email solution. This solution includes digital signatures.

Mailfence strives to stand out from the crowd by offering a complete email suite, including Mailfence Calendars, Mailfence Documents, and Mailfence Groups. Mailfence works with other Open PGP compatible email services.

Mailfence refers to itself as a “true end-to-end encryption email solution” because all encryption operations happen in the browser. Their integrated key store gives users full control over key management as well as advanced options.

how mailfence works

Mailfence prides itself on offering full reversibility. This means that users are able to leave the platform with their encrypted key pairs as well as their end-to-end encrypted data.

Being based in Belgium, their servers are located in a country with laws that protect privacy. Since Mailfence does not have a foreign parent company, they are not forced to comply with data requests from domestic or foreign authorities.

Mailfence has a free plan that comes with 500 MB emails, 500 MB documents, two-factor authentication, encryption, as well as support. The next level up is a plan for around $2.50 each month. Their business plan allows users to scale the plan based on their needs. The pricing for the plan varies depending on what the user adds to it.

mailfence pricing

Pros:

  • Excellent security and privacy
  • Open PGP end-to-end encryption
  • Located in Belgium
  • Digital signatures
  • Third parties do not have access to your data

Cons:

    • Customizable themes are not provided
    • Does not have a proper alias management system

3. Hushmail – Oldest Secure Email Service

Hushmail is designed to be like the free email service you currently use. You’re able to use it on your smartphone, on the web, or on a smart device. The difference is that they added extra security features with the goal of keeping your data safe.

Hush Communications began in 1998. A year later, Hushmail was introduced. Based in Vancouver, Canada, this company is in the heart of a growing tech industry.

The philosophy behind Hushmail is that creating the best secure emails does not need to be complicated, nor does it need to be intimidating. Their idea has been that in order to limit cyber security risks, measures employed must be effective, be accessible, and people need to feel like they can actually use them.

Ben Cutler has served as the company’s CEO since 2001, and Brian Smith serves as the company’s chief technology officer. Brian was one of the creative forces behind the technology that powers Hushmail.

hushmail inboxes

Hushmail believes that security is the most important feature an email service can have. The free side of the service does not have many of the features or functionality that other web-based email clients offer.

Hushmail scans incoming emails and checks them for viruses. It provides you the ability to blacklist domain names and individual email addresses.

Hushmail does not have ads in its inbox. It offers POP3 access, meaning that your email is accessible from third-party services. This means that you can access Hushmail via your smartphone’s email app. Hushmail only offers a plain text message composer.

If you use your email every day, you might not be bothered by this, but Hushmail does require that you login at least once every three weeks to keep your account active. If not, Hushmail will deactivate your account automatically. This can get annoying fast.

Pros:

  • You don’t get ads in the inbox
  • POP3 access
  • Free version

Cons:

  • If your account is inactive for three weeks, it gets deactivated
  • No spell checker

Final Thoughts

Email is a trusted form of communication. It is where you share private information with those you trust. This is why, email is a legitimate target for hackers. Free email accounts encrypt your messages. Many of them do a good job of filtering out spam. Still, we do not feel that free web-based email clients are the safest way for you to communicate.

STARTTLS is a common form of email encryption. If both the sender and the recipient are using applications that support this type of encryption emails can be sent.

Public-key infrastructure, or PKI is key to email encryption. It is what allows one to use technologies such as digital signatures and encryption. In addition to being used in emails, it is at the heart of e-commerce, and it will have a greater role in the Internet of things.

The need for email, and other forms of cyber security softare like a VPN, will continue as long as there are malicious individuals who use things like ZeroAccess and other forms of malicious malware to infect operating systems, and cause damage to innocent victims.

Don’t forget that while encrypted email provides an extra layer of protection to your personal data, your internet traffic still isn’t encrypted. We suggest you get the best VPN on the market and protect yourself and your entire home from potential attackers.

Email is an attack vector, but so is your browsing data. Always remain vigilante to the sites you visit, get an encrypted email service, and get a good VPN like NordVPN or Surfshark. You’ll save yourself a lot of pain the future.

FAQs

Q: Is Gmail a secure email?

A: Gmail has more than a billion users around the world. It is one of the most popular email service providers on the planet. Understandably, there is concern about security. Gmail allows you to login from any location and use whatever device you want. This makes it possible to log into unencrypted networks and expose your personal data and privacy. Gmail has default settings that offer fairly robust security. However, learning about advanced security options, including SMTP over TLS (STARTTLS), will allow you to make Gmail more secure.

Q: Can I send an email with Gmail?

A: Yes. Gmail supports S/MIME. This is available with the paid Gmail account. It is not available if you are using a free account. S/MIME will only work if both the sender and the receiver are using a service that supports it. Gmail has hinted that they are interested in adding end-to-end encryption on all of their email services. This hasn’t happened yet, and since they’ve been promising this since 2014, we’re not holding our breath.

Q: How can I password protect a Gmail attachment?

A: Click Compose to begin a new email. On the bottom right of the window, click Turn on Confidential Mode. There you are able to set an expiration date and a password.

Q: Can an email be hacked?

A: Yes. For example, researchers in Europe discovered security flaws that allow email to be hacked if the encryption used is PGP and S/MIME.

Q: How do I know if my email has been hacked?

A: Your first clue will usually be that your contacts inform you that they have received strange emails from you. It may be asking them for sensitive information, etc. Tell them to send a photo of it to you. If you did not send it, it’s likely you have been hacked.