Chances are, with Gmail’s 75% market share, you send and receive email through Google. But if you care about your privacy, this might be cause for concern. So what does secure email like ProtonMail offer that Gmail doesn’t…and is it possible to switch or use both simultaneously?
Be sure to subscribe to the All Things Secured YouTube channel!
To begin, let’s be clear about one thing: Gmail is still a very useful service and one that I use every day.
It is a relatively secure platform and if you’re willing to tweak a few settings, there are ways to secure your Gmail account effectively.
However, my desire for increased privacy has prompted me to supplement my use of Gmail with a more privacy-focused email provider like ProtonMail (which is the one I use). It’s a strategy that has served me well and I’ll explain how I use it here.
The most useful place to begin, though, is understanding the basics of email encryption so you can compare the two.
Note: Some of the links in this article may be affiliate links, which means that at no extra cost to you, I may be compensated if you choose to use one of the services listed. I only recommend what I personally have used, and I appreciate your support!
Email Encryption 101: TLS vs End-to-End
Most email providers, including Gmail, use what’s known as TLS, or Transport Layer Security to encrypt emails as they’re being sent across the internet.
It’s the standard, and it works, but it falls short because it gets decrypted once it reaches the target mail server.
Let me put it this way: imagine that I’m sending you a top secret message. It gets placed in a lock box and delivered to your door, but once it arrives at your house, the box is unlocked and the message can be read by anyone in the house.
Transport Layer Security in a Nutshell
Email encrypted via TLS is delivered securely, but once it arrives at the destination server, that security is gone.
End-to-end encryption works differently.
Using this method, I place my top secret message in a lock box and send it to your home. I also send you a private key to that box separately. The box arrives at your home but it remains locked until you use the private key I gave you to unlock it.
End-to-End Encryption in a Nutshell
Email encrypted via End-to-End Encryption is delivered securely, but can only be opened by a recipient who has the private key.
Practical Example of End-to-End Encryption
Let me give you a more practical example from my life.
A few weeks ago, a family member asked me to send my social security number that was needed to open a certain account.
Using Gmail, I can send this sensitive information and be confident that it will arrive securely. That’s TLS encryption at work.
However, once it arrives at the destination, I have no guarantee that the message I sent will remain private or available only to my family member. Your email provider can see this message, even if they’ve promised not to scan it for ads, and if the email account were hacked or compromised, so would my ID number, since I can’t be sure they deleted my message.
So what I did instead was send an end-to-end encrypted message using ProtonMail to my family member.
I sent them the private key, basically just a short passphrase I made up, in a separate text message. They received the email and used the private key in order to unlock the email and see my social security number.
Even if they never deleted that message off the email servers, my ID will never be readable by the email service provider and isn’t at risk in the event of a hack because it requires a private key to open.
Let me give you a look inside my ProtonMail inbox for a moment.
ProtonMail Review 2023 | A Peek Inside
So why do I use ProtonMail?
So let me give you a peek inside my secure email inbox so you can see what it looks like. This is my ProtonMail inbox, which is laid out very much like every other email account you’ve used.
I have all the folders for organization on the left, with the actual emails and all nested replies taking up the majority of the screen.
I have the same ability to label, organize, mark as spam, archive and delete emails as I do in Gmail.
So far, there’s not much difference between Gmail and ProtonMail until we click to create a new message. The difference is found in these two icons on the bottom that look like an hourglass and a lock.
These allow you to set an email expiration and end-to-end encryption respectively. Remember that private key I was talking about? This is where I create that passphrase that I’ll give to my recipient in order for them to open it.
So let’s say I send an end-to-end encrypted email from ProtonMail to a Gmail user. What they receive is an email alerting them of the new message and a button to view it.
This brings them away from Gmail where they have to input the password to reveal the message. The data is never stored on Google’s servers and my recipient doesn’t have to open a ProtonMail account to view it.
Added Features: ProtonDrive and ProtonCalendar
ProtonMail gives me access to encrypted cloud storage called ProtonDrive, which allows me cloud storage for larger email attachments. This is very similar to Google Drive except with a greater degree of encryption and privacy.
There’s also an online calendar feature. Both of these are still in beta as I record this, but I’ve been using them for a couple of months without any problems.
The calendar feature extends my privacy to my calendar, which many of us don’t realize we give up when we tell Google everything we’re doing and where we’re going to be.
Using the ProtonMail calendar, I can still create meetings, invite outside users, set reminders and work with different time zones.
Unfortunately, it hasn’t replaced my Google calendar yet, mostly because there isn’t a mobile app available, but I’m still attracted to the idea of a more private personal calendar.
Proton is also the same company that offers the free and premium ProtonVPN, a service that encrypts the data you send over the internet. While it isn’t included as part of ProtonMail, it is a good addition to their family of software.
Is Paying for Secure Email Worth It?
Ok, so the big question: is it worth paying for a secure email provider like ProtonMail when you can get Gmail for free?
I mean, we’re talking about $50 a year, but if you’re looking for ways to create stronger privacy and anonymity for your online life, this is an easy way to do that.
For me, I use a secure email address as the primary contact for all my bank and investment accounts and I don’t publish this email address anywhere. This minimizes the risk of anybody gaining access to my finances through an email breach. I also use the secure email address whenever I’m sending tax documents to my CPA or for that matter, sending sensitive data anywhere.
Open a ProtonMail Account
Free version available!
It’s your choice, and ProtonMail has a limited free option that you can easily set up and try.
On the surface, Gmail and ProtonMail look and feel mostly the same, but the foundation of encryption and privacy is very different, and that’s what makes this such an important thing to consider.