If you are worried about how mainstream email providers like Gmail log your data and access every email in your mailbox, using a secure email provider like ProtonMail can help maintain email privacy. ProtonMail belongs to Proton Technologies, which has a history of maintaining users’ privacy and has launched privacy-focused products like ProtonVPN.
ProtonMail is the first and the most polished email provider that received shoutouts on various social media platforms. It uses end-to-end and zero-access encryption to protect your emails from all prying eyes. Also, it offers a great range of security features to keep your email communication private.
However, despite claiming to be a secure email provider, ProtonMail was highly criticized for handing over users’ data to law enforcement. Also, Reddit and Twitter users share mixed opinions about their experience with ProtonMail. After following a litany of mixed reviews, it becomes essential to perform an in-depth ProtonMail review and dig out the truth.
ProtonMail Features
ProtonMail is a featured-rich email provider that offers various features to boost your email privacy and ensure a smooth user experience. To have a quick overview of ProtonMail, let’s first compare its strength and weaknesses:
From a bird’s eye, ProtonMail positions itself as the best secure email provider. However, it’s crucial to analyze each feature in detail to build a narrative.
Privacy and Security
The best private email providers allow users to send anonymous emails without any trackbacks. They ensure no third party can invade their email privacy and thus uses robust end-to-end encryption and other security-focused features.
Besides, they should belong to a secure jurisdiction that doesn’t invade users’ digital privacy and follows a strict no-log policy. Therefore, it is vital to analyze these aspects while inspecting the security and privacy of a private email provider like ProtonMail.
What type of Encryption does ProtonMail use?
ProtonMail encryption makes it the most secure and special among others. It uses asymmetric encryption to encrypt and decrypt the messages you receive. All the emails are end-to-end encrypted so that no one except the recipient can view the messages.
The messages are also protected with automatic and built-in PGP encryption. This encryption makes it possible to send emails to people who don’t use ProtonMail. Besides this, the emails are stored using zero-access encryption, meaning no one else can read or share the messages with any third party. It includes messages received from both ProtonMail and non-ProtonMail users.
However, the email’s subject line and sender’s address are encrypted but not end-to-end, which concerns the users.
Jurisdiction of ProtonMail
ProtonMail belongs to a safe and privacy-friendly jurisdiction that gives users some mental peace. The email provider’s headquarter is in Switzerland, which respects users’ privacy and isn’t a member state of the five eyes, nine eyes, and fourteen eyes surveillance alliance. The country is not bound by a formal international agreement to record and share data, so users don’t have to worry about their data and activities being logged.
Switzerland falls in the European Union, so the EU data retention laws are applicable. But, in an appeal, the Swiss Federal Administrative Court confirmed that email service providers like ProtonMail are not considered telecommunications providers. Hence it is not subjected to the data retention laws enforced on telecommunications providers. So ProtonMail won’t compromise your privacy.
Does ProtonMail Keep Logs?
ProtonMail promises not to keep IP logs or other metadata to keep emails private and anonymous. But after analyzing the privacy policy, it was shocking that ProtonMail follows a shady privacy policy and temporarily records the IP logs.
The email provider has access to various email metadata, including the IP address, timings when the message was sent and received, message subject, and content of unencrypted messages sent from other email providers.
ProtonMail also accepts the fact that they do log the IP address for a temporary purpose. They log it to prevent crimes and cyber attacks. However, if they observe that the user is involved in activities violating their terms and conditions, they permanently store the IP logs. It means that the email provider monitors and tracks your online communication; from a privacy perspective, it is unacceptable.
Unlike other email providers, the ProtonMail code has been audited by a third-party audit firm. There hasn’t been any significant vulnerability found, which ensures maximum online protection. Still, the company also needs to audit its log policy so the disappointed users on Reddit and elsewhere can rest assured that trusting ProtonMail is not wrong.
Past history of the Email Provider
Proton Technologies is the parent company of ProtonMail and has also launched other products, including ProtonVPN, Proton Drive, and Proton Calendar. The company was established in Switzerland in 2014 when scientists met at CERN and decided to build a better internet where users can enjoy maximum privacy.
However, ProtonMail was under fire for sharing a user’s data with a law enforcement agency. In 2021, the Swiss authorities shared a climate activist’s IP address with the French police despite using strong encryption. Privacy experts and users criticized the email provider for violating individuals’ privacy.
The ProtonMail CEO, in a series of tweets, said that if any crime is committed, the company is compelled to share the information, and the privacy protections are suspended. The email provider also slightly changed its privacy policy on the same occasion. Previously, ProtonMail claimed that they don’t keep IP logs, but after this incident, it’s mentioned in their privacy that they retain IP logs temporarily.
Privacy and Security-Focused Features
ProtonMail is a reliable email provider, offering various privacy and security-enhancing features depending on your subscription plan. Following is a brief insight into the feature that comes with ProtonMail Plus and the Visionary plan:
Self Destruction Messages
ProtonMail allows setting an expiring time on the emails you send. By default, all the emails sent from the ProtonMail account do not expire, but by enabling this feature, you can set an expiry time of up to 28 days. Once this feature is enabled, the encrypted emails will delete automatically from the recipient’s inbox.
This feature is available for encrypted messages between ProtonMail users and password-protected emails sent between ProtonMail users and people who don’t use ProtonMail. To turn on this feature, open email composer > New message > click on the ellipsis menu at the bottom of the email composer and select the option that says Set expiration time > choose the Expiry time > click on Set.
Password Protected Emails
Password-protected emails are another impressive feature of ProtonMail that allows sending encrypted emails to all users. The emails sent between ProtonMail users are end-to-end encrypted automatically, but the best thing is that you can also send E2EE emails to people who don’t use ProtonMail.
With this feature, the recipient receives an email that tells them they have sent an encrypted message, but to read the message, they need to enter a password. Entering the agreed-upon password takes them to a secure ProtonMail mailbox where they can read and respond to the messages. This feature is set before sending the email; click the Encryption button with a lock icon > Select a message password > click on Set. You can now see a lock icon next to the recipient’s address, indicating the email is now encrypted.
When you respond to a message sent by the recipient of a password-protected email, your response is not end-to-end encrypted. You need to re-enable the password-protected email feature; otherwise, the entire message history will be sent unencrypted.
Enhanced Tracking feature
Business companies send emails using the email tracker option that collects sensitive information like IP address, geographic location, device time, and operating system. The collected information creates your profile to target you with personalized ads. It is a violation of privacy, and also, seeing several ads spoils the user experience. ProtonMail offers an enhanced tracking protection feature that blocks email trackers so you can view the content of the email without being tracked for targeted advertising.
When an email containing the tracker is opened, it will remove and notify you. The email tracker feature is enabled by default, but if you want to disable it, you can do it by navigating the Settings menu. Click on Settings > ProtonMail > Email privacy > Turn off the Block email tracking option.
PhishGuard
Email phishing is the easiest technique hackers use to trick users into gaining access to sensitive data. ProtonMail offers anti-phishing protection through the PhishGuard feature. It prevents the ProtonMail accounts from phishing attacks by flagging the spoofed email addresses and marking them in your inbox. Users can also check if the email they received is spoofed by looking at the encryption icon. The presence of the blue lock icon means that the email has come from a legitimate source.
Link Confirmation
Hackers have become sophisticated enough to compromise device security to access users’ sensitive data. ProtonMail offers a link confirmation feature to identify suspicious links and maintain device security. When this feature is enabled, a window pops up every time the user clicks on the hyperlink in the email. The pop-up shows the entire URL length so a user can inspect it and decide whether to click on it.
By default, the link confirmation feature is enabled, but you can also turn it off or on by navigating to the Settings menu.
Windows: Settings > ProtonMail > Messages and tap on the Confirm link URLs switch on/off.
Android and iOS: Go to Menu > Settings > Account settings > Account name > Mailbox > Privacy and tap on the Request link confirmation switch on or off.
Advanced Protection
ProtonMail uses an advanced protection feature to keep your email communication secure and anonymous. The email provider uses advanced algorithms and machine learning technology to detect sophisticated attacks targeted against specific ProtonMail accounts. The account user is warned, and the account is secured automatically before any damage is caused.
Two-Factor Authentication
Another impressive feature that ProtonMail offers is two-factor authentication. It is a useful feature that adds an extra layer of security by allowing the users to set an extra identity verification step to the standard login procedure. The users provide a one-time passcode generated via the device or authenticator app in addition to the username and password to access the account. Using this feature, in case the account credentials are compromised, the attacker can’t access the account without physical access to the device.
AppKey Protection System
ProtonMail maintains the device integrity of the iOS app with an innovative device-level security feature called the AppKey Protection System. It adds an extra encryption layer on top of Apple’s built-in local device encryption that secures the sensitive ProtonMail data. With this feature, the ProtonMail data remains secure from stalkerware, hackers, and tools that aim to spread malware on your device. To use this feature, enable FaceID, TouchID, or PIN protection in the Protonmail iOS app settings.
ProtonMail Bridge
Bridges is a premium ProtonMail feature that encrypts incoming and outgoing emails. It is a desktop application that runs in the background and encrypts and decrypts the messages as they enter and leave the system. To increase data security, ProtonMail bridges use passwords that are unique and different from your login password.
Besides this, these bridges allow downloading offline copies of your emails on your device. You can integrate the ProtonMail account into your favorite email clients, Thunderbird, AppleMail, and Outlook, via IMAP and SMTP by creating a local email server on your computer.
Most ProtonMail features discussed above are available in the Plus and Visionary plans. Hence, upgrade to a premium subscription plan to benefit from these features.
User-Friendliness
Besides guaranteed email security, an email provider must provide a smooth and hassle-free user experience. An email provider like ProtonMail should offer various customizable options, dedicated apps for all major apps, and an excellent customer support facility.
Is ProtonMail Easy to Use?
ProtonMail is an easy-to-download and use. Visit the ProtonMail signup page, choose the plan you’re interested in, and follow the instructions to complete the download process. Its layout is familiar to Gmail, Outlook, and Yahoo and easy to navigate. Users can easily find all the basic functions, such as creating new messages, accessing draft emails, and adding new contacts.
The user interface is also pretty attractive, and recently, the company has revamped its entire UI, so now it looks more appealing than before. There are also various options to customize the layout; you can adjust the inbox, template color, icon sizes, and writing style the way you wish. The paid versions of ProtonMail also allow the creation of custom folders and use filters and labels to organize their emails. All these options make ProtonMail one of the most convenient and customizable email providers.
Moreover, ProtonMail also offers a calendar app. The best thing about this app is that it is end-to-end encrypted and protects the schedules, titles, locations, and descriptions of any event from a third party.
What devices is ProtonMail compatible with
ProtonMail offers dedicated and user-friendly desktop, Android, and Apple apps. Anyone can download these apps from the ProtonMail website or Apple or Google Play Store; each app includes all features and allows easy and secure access to encrypted emails. The users on Reddit have appreciated the web app for being simple, making it pretty easy to use.
Some users have shown great disappointment in mobile app versions. For instance, in the iOS app, the email icon notification needs to be fixed. Even if the reader has read the email, it, again and again, shows a notification. Besides this, there are also issues with the Android app, like it doesn’t have a conversation view, and the app notifications are not synced until the ProtonMail app is opened.
How good is Customer Support
ProtonMail offers decent yet limited options to connect with the customer support team. The email provider doesn’t have a live chat feature option, which is disappointing. To establish a direct connection with the member of the support team, users need to submit a contact form or can also send an email. However, if you are a paid user, you’ll get priority, and your queries will be addressed soon.
The website is also full of knowledgeable material that offers great help to the users. You can find blogs, news, FAQs, and guides. Besides this, a help and support section includes account settings, plans and payments, mailbox customization, and security and privacy.
Conclusion
ProtonMail is an encrypted email provider that doesn’t track emails or log data. It belongs to the safe jurisdiction of Switzerland, so there is no need to worry about data being recorded or shared. The email provider uses E2EE and zero-access encryption to keep your emails secure and anonymous.
Moreover, ProtonMail is easy to use and has an impressive layout and UI. It has many features like enhanced tracking protection, PhishGuard, bridges, and password-protected emails, ensuring a safe and smooth email experience. However, the mobile apps and customer support need a bit of improvement.
FAQs
Share this article
About the Author
Farwa is an experienced InfoSec writer and cybersecurity journalist skilled in writing articles related to cybersecurity, AI, DevOps, Big Data, Cloud security, VPNs, IAM, and Cloud Computing. Also a contributor on Tripwire.com, Infosecurity Magazine, Security Boulevard, DevOps.com, and CPO Magazine.
More from Farwa SajjadRelated Posts
Expert’s Tips To Fight Off Ransomware Email Attacks In 2024
Undoubtedly, ransomware attacks are increasing daily, and this trend will not likely decrease in the...
Hushmail Review 2024: Does It Actually Make Your Emails Secure and Private?
Hushmail features 3 (221) Compared to other email providers, Hushmail lacks several advanc...
12 Best Private Email Providers To Send Anonymous Emails Anywhere
KEY TAKEAWAYS The best private email providers use impressive features like PGP or end-to-end encryp...
