Secure mail provider with encryption

There are many secure email providers with encryption, but not all really offer good encryption. As new data scandals keep coming to the public, you should look around for a good provider. We show where your mail is safe.

Email: provider with secure encryption

Every major mail provider promises security - but only very few people offer secure encryption:

• If you use an encrypted connection when receiving and sending e-mails, this is by no means a guarantee of secure e-mail transmission. This only secures the transmission between your computer and your email provider - nothing more.
• Instead, encryption via "Public Key Infrastructure" (PIK) has prevailed: the mail is encrypted with a public key and decrypted with a private one. The public key resides on a key server, which you can view and use to encrypt an email.
• That sounds complicated, but it's actually not at all: The Federal Office for Security and Information Technology explains it like this: The public key is an open lock, with which you could safely enclose a letter in a mailbox. Only the recipient can open the box with his private key.
• There are two major standards for encryption, but they are not compatible with each other: OpenPGP or the further development GnuPGP and S / MIME.
• Tip: The easiest way to encrypt your communication is with one of the secure mail providers. According to the Stiftung Warentest, these are Posteo and Mailbox.org.

1. Classic (secure) encryption with "OpenPGP" or "GNU"

OpenPGP (Open Pretty Good Privacy) is a fee-based encryption tool, but it is also available as a freeware version: "Gpg4win" and "Enigmail" are the clever programs that you can use under Windows (Enigmail also with OS and Linux), The encryption works so easily with Outlook and Thunderbird.

1. To do this, you first need your contact person's public key. You can find this (if available) on key servers such as "PGP Global Directory" and "SKS Keyservers".
2. Then write a mail as normal, copy your text to the clipboard and then right-click on the "WinPT button" in the task bar.
3. A context menu now appears with "Encrypt clipboard". Here you can now select the public recipient key.
4. The text is then encoded - copy the encrypted text back into the email. The content can then only be decoded by the recipient with his private key. A pop-up window opens here: "This mail is decoded with an OpenGPG key". Then enter your private key to read the message.
5. This procedure is a bit complex at the beginning - a plugin for Google Chrome makes it a bit easier. We explain more in the following section.
6. Tip: For Outlook and Thunderbird you can use the encryption addon from Pep Coop. The European Cooperative provides free, decentralized tools to make communication safe again.

2. Easier encryption using an add-on

For webmail services, you can use the extension encryption "Mailvelope" under Google Chrome. The tool uses OpenPGP and is also available for Firefox.

1. Once installed in the browser, you can securely encrypt and decrypt your mails in Outlook, Gmail, Yahoo and GMX.
2. To do this, open your webmail service as normal and click on "Write new email".
3. Now a Mailvelope button appears on the text field with which you start the external editor.
4. Now write your mail in this and then click on the padlock to add the recipients. The message is then encrypted with "Transfer".
5. Unfortunately, email attachments cannot be encrypted. The subject is also excluded from encryption.
6. Tip: In order to be able to access Eails securely on your mobile phone, we recommend the Pep Coop app. You get the best protection if you use secure mail providers like Posteo and use the Pep app to check the mails on your mobile phone.

The encryption type "S / MIME"

S / MIME (Security / Multipurpose Internet Mail Extensions) is mostly used by authorities and companies. The keys are issued by certified "trust centers" and are usually subject to a charge. The difference to the OpenPGP is the verification and authentication of public keys. However, this is usually superfluous for private individuals.

• "S / MIME" contains four different classes of certificates - the higher the class, the more closely the certification body checks the identity behind the email address. However, this also increases the costs.
• However, class 1 is sufficient for private users, in which only the existence of the email address is checked.
• We recommend non-commercial providers such as CACert.org who issue such a certificate free of charge.

We'll show you how to use Firefox, Chrome and Internet Explorer to show you how you can leave no traces on the Internet.