Best Email Encryption Services

Email encryption is the process of converting plain text email messages into a coded format that is unreadable by anyone except the intended recipient

The encoded message is then decoded by the recipient using a decryption key, which allows them to read the original message. Email encryption is used to protect the privacy and security of email communications by preventing unauthorized access to the contents of the message. In today’s digital age, where most of the communication is done via electronic means, the use of encryption has become a necessity to protect personal, business and sensitive information. It helps to protect the confidentiality and integrity of the communication and ensures that the message is only read by the intended recipient.

Here is our list of the best email encryption services:

  1. Proton Mail (EDITOR’S CHOICE) This email system provides a client for Windows, Linux, macOS, iOS, and Android. The client creates an encrypted link through the Proton Mail server and on to the recipient. Creating secure end-to-end emails is a lot easier when mailing other Proton Mail users. Get the free edition.
  2. Tuta (FREE PLAN) This provider created proprietary protocols to ensure stringent security. Apps for Windows, macOS, Linux, iOS, and Android. Try the service with a free account.
  3. Hushmail A webmail system that operates end-to-end email within the browser and offers special editions for healthcare providers and law firms.
  4. Posteo A barebones secure system that keeps prices low but includes cloud storage space in all plans.
  5. Mailfence Apps for mobile devices and webmail or existing operating system email clients for desktop users.
  6. FastMail This secure email works through your existing mail clients and includes virtual addresses and cloud storage.
  7. Runbox This webmail system will apply encryption for communication with mail clients but will only encrypt transmissions to recipients if the receiving email server can handle encryption.

Historically, email was not designed with encryption in mind. It was designed to be simple, fast, and easy to use, and encryption was not a requirement. But the implication of an unencrypted email is that the message which includes personal, financial, or other sensitive information can be intercepted and read by anyone (ISP employees, spy agencies, or malicious actors) with access to the network or servers through which the message is sent, thereby compromising the privacy of the sender and recipient.

However, with the increasing awareness of the importance of data security and privacy; and in some cases, regulatory requirements, more and more email providers are starting to offer encryption options for their users, either as a built-in feature or via third-party add-ons. In this article, we’re going to review the 7 best email encryption services out there. Hopefully, this will guide you in choosing the right one for your organization.

Our methodology for selecting email encryption services

We reviewed the market for encrypted email systems tools and analyzed the options based on the following criteria:

  • Services that are provided as webmail systems
  • Options to download an endpoint client
  • A package that bundles in other services, such as a calendar and a notepad would be nice
  • Systems that use PGP for key sharing
  • The option to send link invites to recipients who can manage encryption
  • A free trial or a free system so the service doesn’t trap buyers by not delivering after payment
  • Value for money from a testing system that is offered at a fair price or a free tool

With these selection criteria in mind, we explored the market to identify email encryption services that we’d be happy to recommend.

The best Email Encryption Services

1. Proton Mail

ProtonMail

Proton Mail is an end-to-end encrypted email service founded in 2013 in Switzerland. Switzerland is particularly noted for its strong privacy laws. Proton Mail uses client-side encryption to protect email content and user data before they are sent to Proton Mail servers, unlike other common email providers such as Gmail and Yahoo Mail.

Key Features:

  • Apps for Desktops and Laptops: Running Windows, macOS, and Linux
  • Apps for Mobile Devices: Running iOS and Android
  • Uses Public Key Encryption: OpenPGP and RSA
  • Strong Encryption Cipher: AES with a 256-bit key
  • Options for Emailing Non-Participating Recipients: Stores the message on the secure Proton server and emails a link invite for access

Why do we recommend it?

Proton Mail has thought of solutions to all of the security weaknesses of emails. Its end-to-end encryption protects email and its authentication procedures confound attempts at impersonation. The Proton Mail system is available as part of a bundle of services from the provider, which includes a VPN.

Proton Mail uses a combination of public-key cryptography and symmetric encryption protocols such as AES, RSA, and OpenPGP to offer end-to-end encryption and keep your messages safe from prying eyes. The service also offers a built-in VPN service for added security. Users can also send encrypted messages to non-Proton Mail users through the use of a secure passphrase or a secure link.

Proton Mail requires users to create and log in with a two-password mode: a login password and a mailbox password. The login password is used for authentication; while the mailbox password encrypts the user’s mailbox that contains received emails, contacts, and user information as well as a private encryption key. The decryption takes place on the client-side either in a web browser or in one of the apps. The public key and the encrypted private key are both stored on Proton Mail servers. This makes it difficult for Proton Mail to access user emails or reset user mailbox passwords.

Proton Mail offers the following pricing plans:

  • Proton Mail Free: Proton Mail free plan comes with the same security and ease of use as the paid plans but with limited storage and features.
  • Proton Mail Plus: Proton Mail Plus is the basic paid plan that comes with a number of advanced features. It offers more storage and advanced features
  • Proton Unlimited: Proton Unlimited provides a bundle of all Proton’s services: Proton Mail,  Proton Calendar, Proton Drive, and Proton VPN.

Who is it recommended for?

This package is a good choice both for personal use and for businesses. One problem that companies that deal with the general public will face is that not every recipient will be participating in an email encryption system and won’t understand how to install one. However, the link invite for access to a secure message gets around that issue.

Pros:

  • Plans for Businesses and Private Users: Two business editions, a free plan for individuals, and a family edition for six private users
  • An Appointment Calendar: Included in all paid plans
  • A VPN Service: Included in the Family edition and the top business plan
  • Cloud Storage: Included in the Family edition and the top business plan
  • Password-Protected Inboxes: The password unlocks the encryption

Cons:

  • No Free Trial: A 30-day money-back guarantee instead

They also offer custom enterprise plans for businesses with specific needs. The licensing model is based on the number of email addresses and storage required. A free account is available on signup.

EDITOR'S CHOICE

Proton Mail is our top pick for an email encryption service because this provider offers a fully secure Free edition, which is adequate for anyone. One problem with encrypted email systems is that they require both the sender and the recipient to be capable of managing the same encryption system. This is not always possible. Proton Mail provides a solution to this dilemma by hosting the secure email on its cloud server and generating a link to the message. That link gets emailed without security. However, the recipient has to pass authentication in order to read the email, which is protected by encryption to block outsiders from reading it.

Official Site: https://proton.me/mail

OS: Windows, macOS, Linux, iOS, Android, and Cloud

2. Tuta (Free Plan)

Tutanota

Tuta is a secure email service provider based in Germany. It offers encrypted email communications and emphasizes privacy and security. Tuta also offers end-to-end encryption for emails sent from one Tuta user to another, which means that only the intended recipient can read the message. The service is advertisement-free and mostly relies on donations and premium subscriptions.

Key Features:

  • Free Account Available: For personal use
  • Encryption in All Plans: End-to-end encryption to other Tuta account holders
  • Link Invite: Send outsiders a link to view the message on the Tuta server
  • Cipher Combination: Elliptic Curve Diffie Hellman and AES-256

Why do we recommend it?

Tuta is a respectable secure email system with end-to-end encryption and a range of clients for all operating systems. Like all secure email systems, this tool has the problem of requiring synchronicity, so you can only send secure emails to other uses of the Tuta platform. For all other recipients, store the message on the cloud and mail out a link invite.

Tuta utilizes multiple layers of encryption to protect the privacy of its users. The service operates on the principle of end-to-end encryption, which means that emails and attachments are encrypted on the sender’s device before they are sent to the recipient. This ensures that only the intended recipient can access and read the message. Additionally, all data, including emails and attachments, are encrypted on Tuta’s servers, adding an extra layer of security. Tuta also implements strong password protection and offers two-factor authentication for added security. Furthermore, Tuta’s software is open-source, allowing security experts to review the code and identify any vulnerabilities, making it a trustworthy and secure email service.

Tuta offers both free and paid licensing options. The free plan is strictly for private communications and includes one free email account, 1GB of storage, limited search functionality, and support for custom domains. The paid plans, known as Tuta Premium, Teams, and Pro, offer additional features such as more storage, advanced search, custom domains, and encrypted calendars and contacts. All plans come with end-to-end encryption of all data, ad-free emailing, and support for mobile and desktop devices

Who is it recommended for?

This package is a good rival to Proton Mail. It offers almost all of the functions of Proton and Tuta has gone the extra mile to create its own email downloader to get emails into the client. Users can also opt to just log into their Inbox in the Tuta webmail system.

Pros:

  • Proprietary Post Office System: Pulls messages down from the mail server to the client in an encrypted tunnel
  • Apps for All Operating Systems: Windows, macOS, Linux, iOS, and Android
  • Webmail Option: Emails stay on the server and you can access them through a browser
  • Secure Storage Space: Cloud drive included in all plans with more space for higher editions

Cons:

  • Can’t Mail Securely to Outsiders: Recipients who don’t have Tuta accounts can participate in secure communications

A free account is available on signup. Because of security reasons and for keeping the service free, Tuta deletes free accounts that have not been logged into for 6 months.

3. Hushmail

Hushmail

Hushmail is a Canadian-based secure email service that provides PGP-encrypted email and vanity domain service to individuals and businesses. Hushmail also offers a secure webmail interface and supports popular email clients such as Microsoft Outlook and Apple Mail, making it easy for users to access their encrypted email from anywhere.

Key Features:

  • PGP Encryption: More universal than many rival systems
  • Can Integrate with Well-Known Clients: Receive into Outlook or Apple Mail
  • Webmail Option: Ditch the on-device client and just access mail online

Why do we recommend it?

Hushmail has more chance of exchanging emails with other secure systems because it uses a standard PGP system for email encryption. While other systems, such as Tuta, have gone to great lengths to create proprietary procedures, that uniqueness makes their secure email incompatible with other packages. Hushmail doesn’t have that problem.

Hushmail also has a strong privacy policy that does not allow logging or monitoring of user activity. The company makes it clear that “it will not release any user data without a court order from the Supreme Court of British Columbia, Canada, and that other countries seeking access to user data must apply to the government of Canada via an applicable Mutual Legal Assistance Treaty”.

Hushmail works by providing encrypted email communication to ensure the privacy and security of email communication. When a user sends an email using Hushmail, the email and its contents are encrypted using industry-standard encryption methods, making it difficult for anyone other than the intended recipient to read the email. To access a Hushmail account, users must enter a unique password, which is used to decrypt the email and its contents. This added layer of security makes it much more difficult for unauthorized individuals to access a user’s email.

Who is it recommended for?

This system enables the creation of forms for email bodies. The company has a set of templates for this task and it is particularly strong at forms for healthcare providers. There is also a special edition for law firms. The company offers plans for private individuals and small businesses but it doesn’t have a free plan.

Pros:

  • Provides an App for iPhones: Android users need to access the webmail service
  • Electronic Signature Service: Manage contracts through the email system
  • Offers a Signed BAA: Needed for HIPAA compliance

Cons:

  • No App for Desktops: Users have to set up standard clients like Outlook or use the webmail service

Hushmail offers both personal and business plans, with various features and pricing options. The personal plan includes 2GB of storage, support for custom domains, and a secure webmail interface. The business plans are tailored towards Healthcare, Small Business, Law, and also includes custom solutions. The business plan offers features such as increased storage, custom branding, and priority support. Pricing for Hushmail business plans varies based on the number of users and the specific needs of the organization.

4. Posteo

Posteo

Posteo is a German privacy-focused email provider that offers encrypted email services and data storage. Posteo is known for its strong commitment to protecting users’ privacy and security; and its high standard security features and relative anonymity as it does not require any private information in the registration process.

Key Features:

  • Integrated Calendar: Provided within a webmail environment
  • Compatible with Well-Known Mail Clients: Set it up in Outlook or Apple Mail
  • Cloud Storage Included: Starts at 2 GB of space

Why do we recommend it?

Posteo is a close competitor to Hushmail, as the company didn’t go to the lengths of creating its own email client like Proton and Tuta. This business kept costs low by assuming that users would be able to use the clients that they already have with their operating system. This is essentially a secure webmail system.

Posteo offers support for PGP through Mailvelope in the web interface. Additionally, they offer two-factor-authentication via time-based one-time password (TOTP) and use Extended Validation certificates and HTTP Public Key Pinning (HPKP) for the HTTPS connection.

Posteo secures email through the following security mechanisms:

  • End-to-end encryption: Email content is encrypted before it is transmitted and decrypted by the recipient, ensuring that only the intended recipient can read the email.
  • SSL/TLS encryption: All connections to the Posteo server are encrypted with SSL/TLS, preventing eavesdropping and tampering of data in transit.
  • No tracking: Posteo does not track or log IP addresses or other information that could be used to identify users.
  • Data protection: Posteo stores data on encrypted hard drives and implements regular backups to ensure data safety.
  • Two-factor authentication: Posteo supports two-factor authentication, adding an extra layer of security to user accounts.
  • Open source software: Posteo uses open-source software, allowing security experts to review the code and identify potential vulnerabilities.

Who is it recommended for?

Posteo is a secure email system but less secure than others on this list. However, secure is secure and very, very secure could well be over-engineered. The company’s use of existing technology wherever possible has the benefit of making it much more compatible with outside systems than the big players on this list. The tool can securely exchange emails with Microsoft 365.

Pros:

  • Encrypted Webmail Inbox: Your login credential decrypts everything
  • AES Encryption for the Calendar and Address Book: Stronger than the encryption used for the emails
  • Password Reset Function: Based on your mobile phone number for 2FA

Cons:

  • No Proprietary Apps: Posteo stays competitively priced by not reinventing the wheel

Posteo is licensed as a paid service. All paid plans include features such as end-to-end encryption, SSL/TLS encryption, no tracking, data protection, expanded storage and support for multiple email addresses. You can sign up here for your Posteo email account.

5. Mailfence

Mailfence - Secure and Private Email service.

Mailfence is a privacy-focused encrypted email service provider based in Belgium. It offers OpenPGP based end-to-end email encryption service. The platform implements various measures to ensure the privacy and security of user data, including end-to-end encryption, SSL/TLS encryption, data protection, two-factor authentication, spam protection alongside plus addressing, sender address blacklist and whitelist. The service also supports POP/IMAP and Exchange ActiveSync as well as vanity domains with SPF, DKIM, DMARC and catch-all address support.

Key Features:

  • Apps for Mobiles: Available for iOS and Android
  • Webmail Interface: Access through a browser
  • POP and IMAP: Get emails into your regular email client

Why do we recommend it?

Mailfence is like Posteo in that they didn’t spend too much money providing extra special features. However, unlike Posteo, this service did create its own apps for mobile devices. This system is based in Belgium, which is not noted for its strong privacy rights. However, the system’s storage is fully encrypted and emails are protected by end-to-end encryption, which is managed by OpenPGP.

End-to-end encryption ensures that the content of emails is encrypted before it is transmitted, and can only be decrypted by the recipient. This helps to prevent unauthorized access to email content and ensures that only the intended recipient can read the email. SSL/TLS encryption is used to encrypt all connections to the Mailfence server, protecting against eavesdropping and tampering of data in transit. Data protection is also a key feature of Mailfence, with data stored on encrypted hard drives and regular backups to ensure data safety.

Two-factor authentication adds an extra layer of security to user accounts, making it more difficult for unauthorized users to access a user’s email account. In addition to these security features, Mailfence also offers a range of additional services, including digital signature and encryption capabilities, and a secure online document collaboration platform. These services help to provide a complete, secure, and private email experience for Mailfence users.

Who is it recommended for?

This service will appeal to cost-conscious small businesses. The company provides a free plan for private customers – there are two paid plans for personal use, too. The first of the three business plans is very cheap and it provides 50 email addresses. The top business plan is quite pricey but it offers up to 200 email addresses.

Pros:

  • Encryption is Implemented Within the Browser: Doesn’t require a plug-in
  • Cloud Drive: Includes a document editor
  • GDPR Compliant: Good for Europeans

Cons:

  • The Team Happily Admits that the System isn’t Perfect: A uniquely backhanded sales pitch

6. FastMail

FastMail

FastMail is a paid email hosting service that provides users with a secure and private email platform. It offers features such as calendar and contact management, task management, custom domains, and two-factor authentication. FastMail is known for its privacy and security, as well as its user-friendly interface and fast, reliable service.

Key Features:

  • Per User Pricing: No free plan
  • Cloud Storage Included: More space with higher plans
  • End-to-End Email Encryption: Uses OpenPGP

Why do we recommend it?

FastMail followed the strategy of Posteo and kept its secure email system simple. This is a webmail service that provides apps for mobile devices. Desktop users can set up their standard email clients, such as Outlook or Apple Mail to download messages with IMAP or POP3.

FastMail works by providing users with a web-based email platform that can be accessed from any device with an internet connection. When you sign up for a FastMail account, you get a unique email address and password that you can use to log in to the service. Once logged in, you can access your email, calendar, contacts, and other features. FastMail uses advanced security measures to protect your data, including encryption and two-factor authentication. All email and other data is stored on FastMail’s secure servers, which are regularly backed up to ensure the safety of your information. To use FastMail, you simply log in to your account, compose and send messages, and manage your email, calendar, and contacts.

FastMail offers a range of pricing plans for individuals and businesses. The following are FastMail’s current licensing and price plans:

  • FastMail Basic: Privacy-first email, calendars, and contacts
  • FastMail Standard: The best features for home or work
  • FastMail Professional: Email retention archive and pro options

Who is it recommended for?

FastMail offers plans for home users and for businesses – there are three plans in each division. The service is priced per user but its rate is at the high end of the market. All plans include cloud storage space with 5GB per user in the lowest business plan and 50GB per user in the highest.

Pros:

  • Masking Addresses Available: Use a virtual address to hide your real email address
  • Cloud Storage Included: From 5GB to 50GB, depending on the plan
  • Plans for Home Users: Includes a group plan for families

Cons:

  • No Proprietary Apps for Computers: Use the mail client that is built into your operating system

All plans offer a 30-day free trial, and there’s no obligation and no credit card required to try it.

7. Runbox

Runbox email hosting service

Runbox is an email hosting service that provides users with secure, private, and reliable email services. The company is based in Norway, which is known for its strong privacy laws, and Runbox is committed to protecting the privacy of its users.

Key Features:

  • Webmail System: Access your inbox through your browser
  • Compatible with Standard Email Clients: Set up Outlook or Apple Mail to download emails
  • Low Price per User: A lot cheaper than FastMail

Why do we recommend it?

Runbox has the same service model as Posteo, Mailfence, and FastMail because it is a webmail system that you can use with your standard email clients, such as Outlook or Apple Mail. Transmission security is not so great and if the remote mail server can’t implement it, your emails are sent unencrypted.

Runbox is known for its privacy and security, as well as its user-friendly interface and excellent customer support. It offers features such as webmail access, calendar and contact management, spam and virus protection, and custom domains.

Runbox works by storing email messages on Runbox’s servers and delivering them to users’ email clients (Outlook, Gmail, Apple Mail) when they check their email. Users can access their email through a web interface or by configuring their email client to retrieve messages from Runbox’s servers using IMAP or POP. Runbox provides a secure email service by implementing the following security measures:

  • Encryption: Runbox uses encryption to protect email messages in transit and at rest. Email messages are encrypted using Transport Layer Security (TLS) when they are sent and received, and they are stored in an encrypted format on Runbox’s servers.
  • Limited data collection: Runbox collects only the minimum amount of personal data necessary to provide its email services. This includes users’ names, email addresses, and payment information.
  • Data sharing: Runbox does not sell or share users’ personal data with third parties, except in limited circumstances where it is required by law or necessary to provide its services.
  • Email content protection: Runbox does not access or store the content of users’ email messages, except in limited circumstances where it is necessary to provide its services (e.g. spam filtering).
  • Spam and virus filtering: Runbox uses advanced filtering techniques to detect and block spam and virus-infected email messages.

Who is it recommended for?

Runbox would be interesting for home users and for businesses. The email volume limits might put off mass marketers – the outgoing limit is 500 mails per day. The incoming email limit is very high at 5,000 messages per day per user, so that won’t impact many businesses. All plans include cloud storage space for emails and a separate allocation for files.

Pros:

  • Uses PGP for Mail Encryption: Also covers communication with mail clients
  • Cloud Storage for Emails: From 2GB to 250GB per user
  • Cloud Storage Space for Files: From 200MB to 25GB per user

Cons:

  • Not Always Encrypted: If the recipient’s email can’t handle encryption, it won’t be applied

These measures help ensure that users’ email data is protected from unauthorized access, theft, and other security threats. Various pricing plans are available to suit the needs of individuals, families, and businesses. A free 30-day trial is available on request.