One other neat addition to end-to-end encrypted electronic mail consumer ProtonMail: It’s added a zero-access encrypted contacts supervisor that additionally digitally indicators the contact data you retailer in it.
The brand new options have been added to v3.12 of ProtonMail’s internet consumer, with the Swiss-based startup saying it’s engaged on additionally bringing the characteristic to its Android and iOS apps.
In a weblog submit saying the contacts supervisor, it says the characteristic is a safety profit particularly to these with a robust must preserve sources confidential — akin to journalists — though it’s price noting that any electronic mail addresses saved within the contacts supervisor usually are not encrypted (so the added safety layer solely applies to telephone numbers and addresses).
The addition of encrypted contact fields brings many safety advantages. For instance, in case you are a journalist with a confidential supply, it is extremely vital to guard the telephone quantity or deal with of that supply. Utilizing the notes discipline in contacts, you can even add different details about the contact that might be protected with zero-access encryption. So as to do electronic mail filtering, we don’t use zero-access encryption for electronic mail addresses — doing so additionally doesn’t considerably enhance privateness as a result of as an electronic mail service, we essentially should know who you’re emailing so as to ship the message.
It provides that it’s digitally signing contacts to “confirm the integrity of contacts knowledge” — providing customers a “cryptographic assure that no person (not even ProtonMail) has tampered along with your contacts”.
The brand new digital signatures are used for all contact fields, together with electronic mail deal with, with signed (and thus untampered) contacts being denoted by a tick icon displayed alongside.
ProtonMail‘s zero entry encrypted electronic mail service exited beta in March final 12 months. The corporate affords each a free e2e encrypted electronic mail consumer, with restricted storage and have, and paid tiers that beef up out there capability and capabilities.
It tells TechCrunch the brand new digital signature verification for contacts is on the market for all customers.
Whereas the e2e encrypted contact fields characteristic is at present solely out there for paid customers — though co-founder Andy Yen says “this will likely change sooner or later”.
“In our view, verifying the authenticity of contacts knowledge is much more vital than hiding contacts knowledge which is why digital signature verification is on the market for everybody,” he provides.
The complete implementation of each options will be examined by outsiders through ProtonMail’s supply code, which it open sources.
The corporate can be trailing plenty of further safety enhancements that it says will construct on the brand new contacts supervisor — and are coming in 2018.
“For instance, our new contacts supervisor can be prolonged to retailer public keys, which is an integral part for each sending PGP messages to individuals who don’t use ProtonMail, verifying the integrity of the keys themselves, and verifying the authenticity of obtained messages through digital signatures,” it writes, including: “We’re engaged on these, and plenty of different safety enhancements, and look ahead to sharing them with the ProtonMail group sooner or later.”
The professional-privacy startup reported a lift in signal ups for its electronic mail service a 12 months in the past, following the election of Donald Trump within the US.
Yen says ProtonMail has round 5 million customers at this stage — throughout its electronic mail product and a VPN service it additionally now affords.
Featured Picture: Bryce Durbin/TechCrunch