Hushmail features
Compared to other email providers, Hushmail lacks several advanced features. But it does include the essential features that ensure an anonymous emailing experience. The following are the features that Hushmail offers, along with some of its major drawbacks:
Hushmail is a secure email provider that works to keep its users’ data safe. It uses end-to-end encryption, robust encryption algorithms, and built-in OpenPGP support to secure email messages.
The email provider is HIPAA compliant; hence, it is an ideal service for health professionals, lawyers, and small businesses. However, there are some drawbacks to using Hushmail, like its high price, limited features, and device compatibility.
Also, because of Hushmail’s shady logging policy and invasive jurisdiction, people often criticized it and looked for other better options. This Hushmail review will look at these things deeply so you can decide whether to use Hushmail or choose any other best secure email provider.
The features listed above are not enough to conclude if Hushmail is a reliable option to use or not. Hence, let’s test and review Hushmail in detail.
Privacy and Security
The primary purpose behind using a private email provider is to keep the confidential information stored within the inbox protected and out of the reach of prying eyes. Also, private email providers don’t track or log the IP address. Therefore, it is essential to analyze your email provider’s encryption standards, logging policy, and jurisdiction.
What type of Encryption does Hushmail use?
Encryption is a vital tool for maintaining online security and privacy. Hushmail uses standard encryption algorithms and protocols to protect your email messages. It uses TLS/SSL encryption, perfect forward secrecy, OpenPGP encryption, and HTTP Strict Transport Security (HSTS) for sending and storing emails on its servers.
When you send an email, the actual IP address from the header is replaced with the Hushmail IP address. But the authorities can access your data since the email provider retains your IP address when you log into its services.
It uses TLS/SSL encryption for the data communicated in transit to its servers, while SSL/TLS encryption is used when firms transmit emails between servers. The email body and attachments are also protected with OpenPGP encryption requiring each recipient’s unique key. All the emails and the attachments are also encrypted when stored on the disk of the Hushmail servers.
In addition, Hushmail also encrypts all the emails sent to recipients who do not use Hushmail. Such emails can be encrypted using OpenPGP encryption and a security question-and-answer method.
When emails are sent to non-Hushmail users, they are stored on the Hushmail servers. The recipient receives an email informing them about receiving a secured email and providing a link to access it. The recipient can create and store their own OpenPGP keys, which increases email security.
However, since the unencrypted emails are stored on Hushmail servers, Hushmail couldn’t encrypt all the emails at rest. This creates another chance for the authorities to access users’ emails and something concerning that users won’t like at all.
Jurisdiction of Hushmail
The company that runs Hushmail is based in Canada and is a subsidiary of a U.S. firm. The US and Canada are the founding members of the five eyes alliance countries, which might concern the users. Any country that falls under the global alliance countries is bound by a formal agreement to record and share intelligence information about each other’s citizens without their consent.
Besides this, the country follows data retention laws and other legislations like the CLOUD Act. Under this law, companies like the one that owns Hushmail must provide user data to US law enforcement agencies even if the data is stored on servers in another country. All of this raises significant privacy concerns for Hushmail users.
Does Hushmail Keep Logs?
Hushmail isn’t as private as other email providers, and the issue lies in its privacy policy. The privacy policy reveals the information Hushmail logs when it logs the data and what happens with the recorded data. But, some policy points are unsuitable for your digital privacy.
Hushmail, unlike other secure email providers, records the user’s information, like the previous email address, IP address, and browser type, to sign up for its services. It also asks for the phone number when subscribing to the service to send an SMS verification code. The amount of data Hushmail records is shocking and sounds intrusive to the users.
There are other data that Hushmail records and are mentioned in its privacy policy:
More shocking is that Hushmail records the activity data for 18 months and responds to legal orders under British Colombia and Canadian laws to share the information with the authorities. This proves that the company collects and stores email metadata to comply with law enforcement warrants.
Besides this, Hushmail can decrypt the encrypted contacts, messages, and other data and hand over this information to the government or other surveillance agencies. Also, the email provider doesn’t provide a transparency report or Warrant Canary, which fails to prove its stance to the customers.
Past History of the Email Provider
Hush Communications Canada Inc. founded Hushmail in 1998. The company was established to send and receive private and encrypted emails and web forms from Hushmail and non-Hushmail users. Its headquarters is in Vancouver, B.C., Canada, but other server centers are also in Calgary and Alberta.
A company’s history must be clear so it’s easy for new and existing users to trust them. But this is not the case with Hushmail. After digging out the past, some evidence exposed Hushmail for sharing users’ information with the Canadian authorities.
Hushmail complies with the law and shares all stored or future emails sent or received. The company spy on its users when a court orders. In 2007, Hushmail provided 12 CDS emails to U.S. officials targeting steroid manufacturers.
The CTO of Hushmail, following the case, also accepted that intelligence agencies could break into the encrypted emails of the targeted user accounts through vulnerabilities in the Javascript browser application.
This incident proves that Hushmail records and shares users’ data with higher authorities despite claiming to be a secure email provider. After this incident, no other such incidents to date have been reported. But this incident was enough to prove that Hushmail discloses data in unencrypted form to the government.
Privacy and Security Features
Hushmail is not a versatile and feature-packed email provider. It lacks features other email providers offer, like PhishGuard, enhanced tracking protection, password-protected emails, device-level security, and more. The only advanced features that Hushmail offers are discussed below:
Secure Web Forms
Hushmail secure web forms are the latest and innovative version of the old-fashioned paper forms. You can now create a personalized web form for your business and add e-signatures. The email provider allows you to create a web form by dragging fields to your form. In addition, you can also use ready-made templates for your business forms. All the web forms are end-to-end encrypted and HIPAA compliant, so do not worry about compromised security.
Two-Step Verification
Two-step verification is a powerful feature that Hushmail offers to increase the security of your email accounts. The user enters a verification code received via a text message or alternate email address to authenticate their identity after signing into their accounts.
It is a handy feature that prevents unauthorized access to your email accounts. To enable this feature in your Hushmail account, go to the Preferences page by clicking on the upper right side of the menu > selecting the Security tab > tap the pencil-shaped icon to enable two-step verification.
Electronic Signatures
Electronic signatures are an efficient, legal, and easy way to get electronic documents signed quickly. If you are a Hushmail healthcare user, you can include electronic signatures on your forms. You only need to drag and drop the signature field onto the form. But before that, you have to add e-signatures to forms, and here’s how you can do it:
Log into your account > go to Form Builder> create the form you want to use > drag and drop the signature field onto your form > publish the form.
After signing the documents, you can also track the progress of pending signing requests and view the timestamped activity record of the completed and signed forms.
Besides this, Hushmail also uses antivirus and spam filters that rely on machine learning and pattern-matching technology to detect viruses and spam emails.
User-Friendliness
The best email provider is the one that is easy to install and set up. It must offer a user-friendly interface and dedicated apps for desktop and mobile devices to enhance the user experience.
Is Hushmail easy to use?
Getting a Hushmail account is easy; you can set it up without issues. To get a Hushmail account, you must provide your current email address and phone number, which annoys the users. It uses a blue and white theme, giving the UI a decent look. The user interface is similar to other email providers, ensuring a convenient and personalized user experience.
Composing an email message is not all problematic in Hushmail. It is almost the same as drafting a message in Gmail; you can find all the options in the composition window. Additional options include the Form Builder button and Attach secure web form link. These features allow you to create secure forms and attach the custom forms or other prebuilt forms that Hushmail has.
Moreover, Hushmail also has a Search feature. It is simple to use and helps find all the messages when you type in the word or phrase. The email provider also offers the basic Contacts system; the contact page shows all the information about each contact rather than names and email addresses.
You can create automatic responses, folders, email aliases, and block senders. Also, Hushmail supports SMTP and IMAP, meaning you can work with the Hushmail email using any non-Hushmail account with a real client app instead of a web page.
However, Hushmail lacks calendar and file storage features, which most users don’t like.
How good is Hushmail Customer Support
Hushmail allows users to get in touch and take assistance with customer support via live chat, message, or telephone. The phone and live chat support are available for a limited time from Monday to Friday between 8 AM to 4 PM Pacific time, so you can expect a bit of delay in getting responses from the support team. A message was sent inquiring about the refund policy, but the team responded after 48 hours, which was disappointing.
You can also connect with the customer support team on Twitter, LinkedIn, and Facebook. There is a contact us page; you can scroll down your issue and send your message, but there is no guarantee that the reply will be quick.
On top of that, the Hushmail website is full of knowledgeable resources. It includes FAQs, blogs, in-depth guides, and articles that address common issues that users encounter.
Hushmail customer support service is pretty average. Neither the live chat nor the telephone support feature is available 24/7, which delays addressing users’ problems and causes excellent annoyance.
Which devices is Hushmail Compatible with
A significant drawback of Hushmail is that it isn’t compatible with many devices and operating systems. The email provider is available for desktop users and offers a mobile app for iOS users. But it allows users to set up Hushmail on Android devices using a POP and IMAP account.
The iOS app is the best because of its intuitive design and navigation. You can send encrypted emails and attachments even to people who don’t use Hushmail. It provides real-time notifications and allows you to send and receive encrypted emails for any of your aliases. Also, the app has built-in file protection, supports face ID and touch ID protection, and is fully synced with the webmail account to ensure a seamless experience.
Hushmail: Plans and pricing
Hushmail provides personalized email plans for both individuals and businesses. While there isn’t a free option, you can opt for the 14-day trial of Hushmail Premium, the personal plan. Valued at $49.98 annually, this enticing package boasts two forms of secure email, 10 GB of storage, unlimited email aliases, and the two-step authentication security feature.
Small businesses looking to enjoy Hushmail services can choose Hushmail for Small Business. At $5.99 per month per user and a one-time setup fee of $9.99, this plan ensures you receive the same remarkable features as the Premium plan. The icing is the freedom to use your domain name and create up to 100 email addresses, all seamlessly forwarded to a single account. Should you desire email archiving capabilities, the Small Business Plus plan is available for just an additional $2 per month per user.
If you’re in the healthcare industry and require HIPAA-compliant communication, Hushmail for Healthcare is here to cater to your needs. With the ability to send secure messages to popular email services like Gmail and Hotmail, this plan ensures your sensitive information remains protected. For a modest cost of $9.99 per month, you’ll receive one email account, two secure web forms, and a generous 10 GB of storage.
The five-email account plan offers even bigger storage capacity, five secure web forms, 15 GB of storage, and support for electronic signatures, all for just $19.99 per month. And if you’re seeking even larger plans with additional email accounts and web forms, rest assured, options start at $39.99 monthly.
Furthermore, Hushmail for Law provides a specialized plan to support attorney-client privilege in the US, UK, and Canadian courts. Priced at $9.99 monthly, this plan includes a signed agreement, providing peace of mind and legal protection. Nonprofit organizations can also benefit from Hushmail at a discounted rate of $3.99 per month, while enterprise plans can be tailored to your specific requirements.
Hushmail for Healthcare, Law, and Nonprofits
Hushmail presents a simple and transparent pricing structure for small businesses and individual users. However, regarding industry-specific email services, things can become a bit intricate.
In addition to the typical plans, Hushmail provides specialized services designed for healthcare, law, and nonprofits. These particular plans are not mere replicas of small business plans; they offer industry-specific features at different price points.
For example, Hushmail for Healthcare ensures compliance with HIPAA regulations, prioritizing the security and confidentiality required in the healthcare sector. On the other hand, Hushmail for Law goes a step further by including a signed agreement that asserts attorney-client privilege, catering to the specific needs of legal professionals.
The peculiar one among the industry-specific plans is Hushmail for nonprofits. While it doesn’t offer any distinct features, it comes at a more affordable price than the standard Small Business plan, with a monthly user cost of $2 lower.
For any other unique configurations, Hushmail provides Enterprise plans. This is not the case despite the name implying that these plans are exclusively for large corporations. These plans are available to anyone, enabling you to customize a plan that aligns precisely with your business requirements.
Conclusion
Hushmail is included in the list of secure email providers but is not as private as other email providers. The email provider allows sending encrypted emails to everyone, including non-Hushmail users. It utilizes robust encryption algorithms to maintain the security of your email messages. Besides this, it has a user-friendly interface and gives a similar experience to using Gmail and Yahoo. There is a native app for iOS devices; you can also use it on your Android device.
But, there are certain loopholes with Hushmail, like improving customer support service. Its past track record doesn’t make it the most preferred choice of users. Also, it logs IP addresses and other data, which is unacceptable. However, by undergoing a log and security audit, the company can prove that they value users’ privacy, attracting more users.
FAQs
Share this article
About the Author
Farwa is an experienced InfoSec writer and cybersecurity journalist skilled in writing articles related to cybersecurity, AI, DevOps, Big Data, Cloud security, VPNs, IAM, and Cloud Computing. Also a contributor on Tripwire.com, Infosecurity Magazine, Security Boulevard, DevOps.com, and CPO Magazine.
More from Farwa SajjadRelated Posts
Expert’s Tips To Fight Off Ransomware Email Attacks In 2024
Undoubtedly, ransomware attacks are increasing daily, and this trend will not likely decrease in the...
Can You Trust ProtonMail To Manage Your Emails Anonymously?
If you are worried about how mainstream email providers like Gmail log your data and access every em...
12 Best Private Email Providers To Send Anonymous Emails Anywhere
KEY TAKEAWAYS The best private email providers use impressive features like PGP or end-to-end encryp...
