ProtonMail Features
ProtonMail is a featured-rich email provider that offers various features to boost your email privacy and ensure a smooth user experience. To have a quick overview of ProtonMail, let’s first compare its strength and weaknesses:
If you are worried about how mainstream email providers like Gmail log your data and access every email in your mailbox, a secure email provider like ProtonMail can help maintain email privacy. ProtonMail belongs to Proton Technologies, which has a history of maintaining users’ privacy and has launched privacy-focused products like Proton VPN.
ProtonMail is the first and the most polished email provider to receive shoutouts on various social media platforms. It uses end-to-end and zero-access encryption to protect your emails from all prying eyes. Also, it offers a great range of security features to keep your email communication private.
Privacy and security
The best private email providers allow users to send anonymous emails without any trackbacks. They ensure no third party can invade their email privacy and thus use robust end-to-end encryption and other security-focused features.
They should belong to a secure jurisdiction that doesn’t invade users’ digital privacy and follows a strict no-log policy. Therefore, it is vital to analyze these aspects while inspecting the security and privacy of a private email provider like ProtonMail.
What type of Encryption does ProtonMail use?
ProtonMail encryption makes it the most secure and special among others. It uses asymmetric encryption to encrypt and decrypt the messages you receive. All the emails are end-to-end encrypted so that no one except the recipient can view the messages.
The messages are also protected with automatic and built-in PGP encryption. This encryption makes it possible to send emails to people who don’t use ProtonMail. Besides this, the emails are stored using zero-access encryption, meaning no one else can read or share them with any third party. This includes messages received from both ProtonMail and non-ProtonMail users.
Jurisdiction of ProtonMail
ProtonMail is located in Switzerland, a safe and privacy-friendly jurisdiction that gives users some mental peace. The email provider’s headquarters are in Switzerland, which respects users’ privacy and isn’t a member state of the Five Eyes, Nine Eyes, and Fourteen Eyes Surveillance Alliance.
The country is not bound by a formal international agreement to record and share data, so users don’t have to worry about their data and activities being logged.
Switzerland is part of the European Union, so the EU data retention laws apply. However, in an appeal, the Swiss Federal Administrative Court confirmed that email service providers like ProtonMail are not considered telecommunications providers and are not subjected to the data retention laws enforced on them. So, ProtonMail won’t compromise your privacy.
Does ProtonMail keep logs?
ProtonMail promises not to keep IP logs or other metadata to keep emails private and anonymous. However, after analyzing the privacy policy, it was shocking that ProtonMail follows a shady privacy policy and temporarily records the IP logs.
The email provider has access to various email metadata, including the IP address, timings when the message was sent and received, message subject, and content of unencrypted messages sent from other email providers.
ProtonMail also accepts that it logs the IP address for a temporary purpose. It logs it to prevent crimes and cyber attacks. However, if it observes that the user is involved in activities violating its terms and conditions, it permanently stores the IP logs. This means that the email provider monitors and tracks your online communication, which is unacceptable from a privacy perspective.
Unlike other email providers, the ProtonMail code has been audited by a third-party audit firm. No significant vulnerability has been found, which ensures maximum online protection. Still, the company must also audit its log policy, so disappointed users on Reddit and elsewhere can rest assured that trusting ProtonMail is not wrong.
Past history of the Email provider
Proton Technologies is the parent company of ProtonMail and has also launched other products, including Proton VPN, Proton Drive, and Proton Calendar. The company was established in Switzerland in 2014 when scientists met at CERN and decided to build a better internet where users can enjoy maximum privacy.
However, ProtonMail was under fire for sharing a user’s data with a law enforcement agency. In 2021, the Swiss authorities shared a climate activist’s IP address with the French police despite using strong encryption. Privacy experts and users criticized the email provider for violating individuals’ privacy.
The ProtonMail CEO, in a series of tweets, said that if any crime is committed, the company is compelled to share the information, and the privacy protections are suspended. The email provider also slightly changed its privacy policy on the same occasion. Previously, ProtonMail claimed that they don’t keep IP logs, but after this incident, it’s mentioned in their privacy that they retain IP logs temporarily.
Privacy and Security Features
ProtonMail is a reliable email provider, offering various privacy and security-enhancing features depending on your subscription plan. Following is a brief insight into the feature that comes with ProtonMail Plus and the Visionary plan:
Self-destruction messages
ProtonMail allows you to set an expiring time on the emails you send. By default, all emails sent from the ProtonMail account do not expire, but by enabling this feature, you can set an expiry time of up to 28 days. Once this feature is enabled, the encrypted emails will be deleted automatically from the recipient’s inbox.
This feature is available for encrypted messages between ProtonMail users and password-protected emails sent between ProtonMail users and people who don’t use ProtonMail. To turn on this feature, open email composer > New message > click on the ellipsis menu at the bottom of the email composer and select the option that says Set expiration time > choose the Expiry time > click on set.
Password Protected Emails
Password-protected emails are another impressive feature of ProtonMail that allows sending encrypted emails to all users. The emails sent between ProtonMail users are end-to-end encrypted automatically, but the best thing is that you can also send E2EE emails to people who don’t use ProtonMail.
With this feature, the recipient receives an email that tells them they have sent an encrypted message, but to read the message, they need to enter a password. Entering the agreed-upon password takes them to a secure ProtonMail mailbox where they can read and respond to the messages. This feature is set before sending the email; click the Encryption button with a lock icon > Select a message password > click on Set. You can now see a lock icon next to the recipient’s address, indicating the email is now encrypted.
When you respond to a message sent by the recipient of a password-protected email, your response is not end-to-end encrypted. You need to re-enable the password-protected email feature; otherwise, the entire message history will be sent unencrypted.
Enhanced tracking feature
Business companies send emails using an email tracker option that collects sensitive information like IP address, geographic location, device time, and operating system. The collected information creates your profile to target you with personalized ads.
This is a violation of privacy, and seeing several ads spoils the user experience. ProtonMail offers an enhanced tracking protection feature that blocks email trackers so you can view the content of the email without being tracked for targeted advertising.
When an email containing the tracker is opened, it will remove it and notify you. The email tracker feature is enabled by default, but you can disable it by navigating the Settings menu. Click on Settings > ProtonMail > Email privacy > Turn off the Block email tracking option.
PhishGuard
Email phishing is the easiest technique hackers use to trick users into gaining access to sensitive data. ProtonMail offers anti-phishing protection through the PhishGuard feature. It prevents the ProtonMail accounts from phishing attacks by flagging the spoofed email addresses and marking them in your inbox.
Users can also check if the email they received is spoofed by looking at the encryption icon. The presence of the blue lock icon means that the email has come from a legitimate source.
Link confirmation
Hackers have become sophisticated enough to compromise device security to access users’ sensitive data. ProtonMail offers a link confirmation feature to identify suspicious links and maintain device security. When this feature is enabled, a window pops up every time the user clicks on the hyperlink in the email. The pop-up shows the entire URL length so a user can inspect it and decide whether to click it.
The link confirmation feature is enabled by default, but you can also turn it off or on by navigating to the Settings menu.
- Windows: Settings > ProtonMail > Messages. Tap on the Confirm link URLs to turn them on or off.
- Android and iOS: Go to Menu > Settings > Account settings > Account name > Mailbox > Privacy and tap on the Request link confirmation switch on or off.
Advanced Protection
ProtonMail uses an advanced protection feature to keep your email communication secure and anonymous. The email provider uses advanced algorithms and machine learning technology to detect sophisticated attacks targeted against specific ProtonMail accounts. The account user is warned, and the account is secured automatically before any damage is caused.
Two-Factor Authentication
Another impressive feature offered by ProtonMail is two-factor authentication. This useful feature adds an extra layer of security by allowing users to set an extra identity verification step to the standard login procedure.
The users provide a one-time passcode generated via the device or authenticator app in addition to the username and password to access the account. Using this feature, if the account credentials are compromised, the attacker can’t access the account without physical access to the device.
AppKey protection system
ProtonMail maintains the integrity of the iOS app with an innovative device-level security feature called the AppKey Protection System. This feature adds an extra encryption layer on top of Apple’s built-in local device encryption to secure the sensitive ProtonMail data.
With this feature, the ProtonMail data remains secure from stalkerware, hackers, and tools that aim to spread malware on your device. To use this feature, enable FaceID, TouchID, or PIN protection in the Protonmail iOS app settings.
ProtonMail Bridge
Bridges is a premium ProtonMail feature that encrypts incoming and outgoing emails. It is a desktop application that runs in the background and encrypts and decrypts messages as they enter and leave the system. To increase data security, ProtonMail bridges use unique passwords that are different from your login password.
These bridges also allow downloading offline copies of your emails on your device. By creating a local email server on your computer, you can integrate the ProtonMail account into your favorite email clients, Thunderbird, AppleMail, and Outlook, via IMAP and SMTP.
Most of the ProtonMail features discussed above are available in the Plus and Visionary plans. Hence, to benefit from these features, you must upgrade to a premium subscription plan.
User-Friendliness
Besides guaranteed email security, an email provider must provide a smooth and hassle-free user experience. An email provider like ProtonMail should offer various customizable options, dedicated apps for all major apps, and an excellent customer support facility.
Is ProtonMail Easy to Use?
ProtonMail is easy to download and use. Visit the ProtonMail signup page, choose the plan you’re interested in, and follow the instructions to complete the download process. Its layout is familiar to Gmail, Outlook, and Yahoo and easy to navigate. Users can easily find all the basic functions, such as creating new messages, accessing draft emails, and adding new contacts.
The user interface is also pretty attractive. Recently, the company revamped its entire UI, so it now looks more appealing than before. There are also various options to customize the layout; you can adjust the inbox, template color, icon sizes, and writing style.
The paid versions of ProtonMail also allow the creation of custom folders and the use of filters and labels to organize emails. All these options make ProtonMail one of the most convenient and customizable email providers.
Moreover, ProtonMail also offers a calendar app. This app is best because it is end-to-end encrypted and protects the schedules, titles, locations, and descriptions of any event from a third party.
What devices is ProtonMail compatible with
ProtonMail offers dedicated and user-friendly desktop, Android, and Apple apps. Anyone can download these apps from the ProtonMail website or Apple or Google Play Store; each app includes all features and allows easy and secure access to encrypted emails. The users on Reddit have appreciated the web app for being simple, making it pretty easy to use.
Some users have shown great disappointment in mobile app versions. For instance, in the iOS app, the email icon notification needs to be fixed. Even if the reader has read the email, it, again and again, shows a notification. Besides this, there are also issues with the Android app, like it doesn’t have a conversation view, and the app notifications are not synced until the ProtonMail app is opened.
How good is Customer Support
It offers decent yet limited options for connecting with the customer support team. The email provider doesn’t have a live chat feature option, which is disappointing. To establish a direct connection with the member of the support team, users need to submit a contact form or can also send an email. If you are a paid user, you’ll get priority, and your queries will be addressed soon.
The website is also full of knowledgeable material that offers great help to users. You can find blogs, news, FAQs, and guides. A help and support section includes account settings, plans and payments, mailbox customization, and security and privacy.
FAQs
Share this article
About the Author
Farwa is an experienced InfoSec writer and cybersecurity journalist skilled in writing articles related to cybersecurity, AI, DevOps, Big Data, Cloud security, VPNs, IAM, and Cloud Computing. Also a contributor on Tripwire.com, Infosecurity Magazine, Security Boulevard, DevOps.com, and CPO Magazine.
More from Farwa SajjadRelated Posts
Expert’s Tips to Fight Off Ransomware Email Attacks in 2024
Ransomware attacks are increasing daily, and this trend will likely not decrease in the upcoming yea...
Hushmail Review: Does It Provide Enough Security?
Hushmail features 3 (221) Compared to other email providers, Hushmail lacks several advanc...
12 Best Secure Email Providers to Send Encrypted Mails
KEY TAKEAWAYS The best private email providers use impressive features like PGP or end-to-end encryp...
