We’re obsessed with email security…
so you don’t have to be.
Security is complicated.
It’s also filled with choices between what is convenient and what is secure.
We worked very hard so you could have both.
True End-to-End Encryption for Email
Every SecureMyEmail user generates a unique 4096-bit key pair and secret passphrase during setup. Using these keys, your email and attachments are seamlessly encrypted before they leave your device and can only be decrypted by your recipient(s) who have the corresponding decryption key on their device. This means that no one…not your internet company, your email provider, identity thieves, overreaching governments, or even us, can ever read your encrypted email or attachments.
Native Encryption Software. Not Webmail.
This is a biggie. Most secure email providers force you to use browser-based webmail because it’s easier for them to deploy, not because it’s the most secure method. Webmail requires the provider to store your private key on their servers. That’s a big no-no in our book. SecureMyEmail uses native software, not browser-based webmail, to ensure the highest level of security for your email and attachments.
Your private decryption key doesn’t need to leave your device.
With encrypted email, your private key is everything. It, plus your secret passphrase, is what guarantees that only you can decrypt your email and nobody else. Unlike others, with SecureMyEmail, your private key is generated on your device and can stay there — not on our server. And, if you do decide to move it, to set up another device or some other reason, we offer you multiple secure options to do so.
Key-based Signing/Verification of the Sender
Every email sent with SecureMyEmail can be “signed” and verified with your unique private key. This assures the recipient that the email has not been tampered with en route and is from the sender, not an impostor or Man-in-the-middle.
A Trusted Community with
Enhanced Identity Verification via Social Networks
A big part of cryptography, and online communications for that matter, is trust. You want to make certain that email you’re trusting belongs to the contact or organization you believe it does. To ensure that you can, we modernized the legacy PGP “Web of trust” by incorporating social network methodology, including social networks themselves. Community-sourced trust levels and checks are built in. Users may even optionally authenticate to their FaceBook, Twitter, or LinkedIn account for their contacts to verify against. This keeps impersonators and spammers out of the mix while also protecting you against Man-in-the-Middle attacks.
Standards-based and PGP-compatible
SecureMyEmail uses OpenPGP at its core. Some have even called it “easy PGP.” We religiously followed the IETF’s RFC 4880 to help ensure compatibility with legacy PGP keys and programs. We even added methods through which current PGP users can exchange keys with SecureMyEmail users or import their current PGP keys into SecureMyEmail if they wish. SecureMyEmail users may also export their keys into other PGP-compliant programs, or provide their public key to websites, such as Facebook, to encrypt communications. Or, if you have no idea what any of this geeky stuff is, nor want to, SecureMyEmail is for you too!
Incorporated and Hosted in Switzerland
SecureMyEmail servers are built and hosted in Swiss data centers with carrier-grade physical security and uninterruptible power. They are managed by our Swiss corporation, Better World Security GmbH, in the Canton of Geneva. This means your SecureMyEmail data is protected not only at a technical and physical level, but by what are considered to be the strongest privacy protection laws in the world.
Connections between your devices and SecureMyEmail systems are reinforced with multiple layers of modern security best practices. To start, our APIs are set to prefer Transport Layer Security (TLS)1.2. This latest version of TLS replaces SSL and provides access to advanced cipher suites that support elliptical curve cryptography and AEAD block cipher modes, including the very nice GCM cipher suites. We additionally deployed Ephemeral Key Support to enable “perfect forward secrecy,” and HSTS on all our API servers. Lastly, we use a Swiss certificate authority to ensure even the certificates themselves are outside the control of US or EU government agencies.
Advanced Email Crypto Features
As simple as it is to use, SecureMyEmail has advanced features for original crypto gangstas. Active/inactive key management, on-demand key regeneration, importing and exporting of keys, etc. are all included functions under the Advanced Menu.
Easy to Use
Is easy a security feature? Absolutely it is. When encryption is complicated, it’s not used or used incorrectly. That’s dangerous. SecureMyEmail is so easy to use it will popularize encrypted email and make us all safer as a result.