Many people cannot imagine a world without email, and those who are old enough to have lived in that world, probably struggle to remember it clearly. Email is one of the primary means professionals communicate throughout their workday. Yet, emails in themselves are less secure than traditional faxes.
Encrypted mail uses algorithms, or ciphertexts, to turn plain text into encoded text. The recipient has the digital key or cipher to decode the email on their end. Unencrypted mail sends the mail as plain text, with no encoding, which makes unencrypted mail much easier to intercept and read.
Because most of us use emails every day and often to send sensitive personal information such as invoices, addresses, or even banking details, it makes sense that we want those emails to be as secure as possible. So how does encryption work, do you need it, and what encryption should you look for in an email provider?
How Does Mail Encryption Work?
If you have ever watched a treasure-hunter-type film like Indiana Jones or National Treasurer or played the Tomb Raider games, you have at least some basic understanding of how encryption works.
One of the most famous encryption technologies used in the last century was Germany’s Enigma machine of the Second World War. Incidentally, the device invented to decrypt Enigma is often credited with being the first computer ever built.
The basic premise of encryption is to substitute text within a letter for other text, numbers, or symbols based on a set key or cipher. The most basic form would be to substitute every letter in the alphabet for numbers one to twenty-six. “A” would be
written as “1”, “B” as “2”, etc.
If someone intercepts that encrypted letter before reaching its destination, the naughty person in the middle cannot read it without understanding the cipher. But, on the other hand, if the encrypted letter reaches its destination, the reader could then use the cipher to decrypt it back into plain legible text.
The Enigma machine used multiple layers of encryption that changed every day, making it almost impossible for the allies to decrypt any intercepted messages. Almost.
Today we don’t have a manual encrypting machine competing against a mechanical computer; we have millions of incredibly advanced digital computers competing with one another.
These computers can encrypt and decrypt far more complex algorithms and ciphers, leading to many different encryption standards, with some being more secure than others.
Here is a video explaining how encryption works.
Do You Need To Use Encryption?
Some of you will remember when we used to send cheques or other sensitive documents via postal mail. However, you will also not forget that you likely used a security-type envelope when you sent a cheque. These envelopes were hard to see through and were typically sent via registered post, ensuring their safe delivery.
Sending a cash cheque through the post without these envelopes was a sure way to get your mail intercepted and money stolen.
We often believe that emails are somehow immune to interception because there is no physical envelope to intercept and read. Unfortunately, this is not the case; emails can be easier to intercept and are intercepted more often.
The truth is that email was never designed with any privacy in mind. On the contrary, emails were quite the opposite; they were completely open, and anyone monitoring the traffic would’ve been able to intercept and read emails.
Although this has been improved, it is estimated that since 2013 there have been more than 13 billion stolen or lost data records which have totaled a financial loss of several million dollars.
At this point, you should be nearly convinced that it can be a bad idea to send encrypted mail.
“I don’t use encrypted mail unless I send sensitive information,” I hear you say. And although this is perhaps a positive step in the right direction, it could also be a bit counterintuitive as it potentially shows hackers which of your emails are important; the one percent of emails you encrypt.
Furthermore, if you have a business in a country like the USA with regulations governing privacy and handling personal data, you should have mail encryption.
Many of those regulations could see you smacked with a fine if private data is leaked/intercepted from your company or PC.
Free Mail Service Providers Read Your Emails
Maybe you don’t run a business, and you never send any confidential information via email, and you highly doubt that all this encryption business applies to you. However, if you are using a free email service such as Yahoo or Gmail, it may apply to you more than you think.
Most free email providers will read your emails and collect the data onto their service to form a more accurate image of you. This data can be used for targeted advertising based on, for example, your email conversations or stuff you have ordered.
Are you worried yet? No? Well, what if I tell you that services like Gmail also have agreements to share said data with the government (should “national security” require it). And you thought they didn’t know about your Bitcoin!
Unfortunately, there isn’t a great way around this other than switching to a provider that offers improved encryption and privacy. Unfortunately, most of the time, these providers won’t be free.
The Four Layers Of Email Encryption
If you are looking for a new email service provider, there are essentially four layers of security and encryption that you should consider. Although it may come at a price, a good email provider will offer all four of them.
1. Transport Layer Security
Pretty much any mail service provider should use transport layer security (TLS) as a foundation for mail encryption. As the name suggests, TLS is the process of encrypting the mail while it is being ‘transported’ over the internet.
This encryption happens through a kind-of handshake between you, the server, and the recipient. For example, your computer lets the server know, “Hey, I have this mail for Joe Black.” The server responds by grabbing the mail, locking it up, and sending it to Joe with the keys.
You should note that even with TLS, the data is stored on the server, and should there be a server breach, your data will be ripe for the picking.
2. Zero Access Encryption
Zero access encryption would be the next step in addition to TLS. Zero encryption means that all the mail data is encrypted even in a stored state.
This zero-access encryption doesn’t allow anyone to access and read your stored emails, including your email service provider.
However, keep in mind that your email provider’s servers still do the encryption, so there is a short period of vulnerability where your mail could be intercepted and read by your service provider.
3. End-To-End Encryption
End-to-end encryption is often painted as the better alternative to zero access encryption. Where zero access encryption happens on the mail server, end-to-end encryption happens on your device before sending it to the server—only the recipient, who has the “keys” on their side.
Although end-to-end encryption is the better option, not all mail providers support it. Some providers, such as Proton Mail, use end-to-end encryption as the preferred option, and zero access encryption deals with emails from other, unsupported providers.
4. A Good Email Provider Should Not Collect And Retain Data
The fourth layer is not really a measure of encryption but is something to watch out for when shopping for an email provider.
A good email provider will not read, collect and retain any of your data. As I have mentioned before, this is not the case with most popular, free email providers, so if you are sending around credit card details on Gmail, be aware that they store that data on their server.
Have a look at this video that explains what to look for in an email provider:
Conclusion
The email was never designed to be a highly secure platform, and it used to be that anyone on the network could grab and read your mail. Encrypted mail uses various complex algorithms and practices to encode your emails so that they cannot be read by anyone without the key or cipher.
Unencrypted mail sends your emails in plain text format that can be read by anyone who is able to intercept it. Having your emails intercepted can expose your personal and financial information, or even the data of others, possibly landing you in legal hot water.
