Using your current email address, or addresses, Pryvate’s™ integrated email component establishes the secure environment necessary for private, safe and secure communication. As the email segment communicates directly with the server, and all emails are encrypted locally on your device, no unsecured data will ever leave, or live on, your smartphone or tablet computer.
Pryvate™ Encrypted Email
Pryvate™ ENCRYPTED EMAIL
Email seamlessly and securely with anyone (on any platform) around the globe just as easy as you do today with our other communications products.
All corporate measures currently in place, such as Backup are kept in tact! This does NOT have to change any procedures, rules or working installations to use the Pryvate™ Email!
Pryvate™ Encrypted Email
Email encryption software is intended to eliminate the risks posed by network eavesdroppers. In general, email communications are passed through the ether using unprotected protocols such as SSL/TSL, and are transmitted in plain text across local networks and the internet. As a result, email messages and their attachments can be intercepted and read by those wishing maliciously to attack you or monitor your messages. And it’s not just potentially sensitive information that is at risk (such as bank details, log-in credentials, and so on). Hackers who gain access to your email messages can access content from you and your contacts, or even hijack your entire email account.
What is Email Encryption?
In response to such risks, email encryption software scrambles every email message and attachment, and makes the recipient responsible for decrypting the message when it arrives in their inbox. Encryption makes the content of your emails unreadable as they travel from origin to destination, so even if you are hacked, the content of your messages is not disclosed.
Why use Pryvate™ Encrypted Email?
When you use our encrypted email solution, you can designate any or all of your email addresses as secure. Additionally, Pryvate’s service is agnostic, which means that secure emails can be sent from any platform to any other platform, such as Android to iOS and vice versa, using any client of the user’s choice. This means that users do not need to be retrained on new platforms and IT staff can keep their existing technology and procedures in place.
All of your emails are secure, encrypted and completely private and can be sent over 3G, EDGE, GPRS, UMTS, HSPA, W-CDMA, & Wi-Fi connections. Encryption keys are automatically created on your smartphone for each individual email and the associated single-session keys are never stored or known to Pryvate™.
Pryvate™ Email Encryption – Technology Specifics
Pryvate™ has developed a communications platform that has an integrated, secure email component. No unsecured data will ever leave the device, nor will any key material live on it. By separating these two areas, we have built in a layer of security that goes beyond that proposed by the British Standards Institute.
All communication between your app and the server is fully encrypted, TLS-based or RSA4096-protected. We employ different schemes of encryption on data travelling from the app to the server and from the server to the app. Key material that is encrypted for sending to the server in-device is done so using the public key of an RSA4096 key pair. The connection between app and server is therefore considered unbreakable using current techniques and technology.
The return communication to the app from the server is protected by the AES 256-bit key that is sent to the server (RSA4096) and as such, can be read only by the server. This key is freshly generated (and never stored) for each communication between server and app. Each communication to and from the server always takes place over a TLS-certificated secured link; this adds to the security and helps avoid ‘man-in-the-middle’ attacks, and is in accordance with BSI TR-03145.
Pryvate™ only uses true and tested public algorithms (that is, RSA4096 and AES256) in international implementations with NO backdoors. This is a requirement of BSI TR-03116-4. Additionally, all DNS requests are routed through our servers and are compliant with DNSSEC.
As we are not in a position to manage the transport of the message once the message is encrypted and encapsulated in the .pry attachment, it is sent directly to the user’s current mail client on their device (hopefully this is a DANE compliant mail transport). As we have no control over the user’s choice of email client, we make the data as secure as possible and that is the reason why we separate the key material from the data.
We comply with the Datenschutzanforderungen (BDSG) and richlinie BSI TR-03108, which makes our product one of few software tools that will be above the level of security as highlighted in Sicherheitskonzept TKG- ISO27001.