Email messaging has been around for decades, and it’s widely used by businesses and individuals when sending a private text that the sender and receiver should only know. But are email servers secure enough to ensure that email communications are only between the sender and receiver? So far, email servers don’t have an encryption tunnel to protect your emails from hackers and other intruding third parties.
So, how do you send an encrypted email? You can use an email encryption protocol like S/MIME and PGP/MIME. To learn more about how to encrypt email in Gmail and Outlook on iOS and Android devices, continue reading.
What is Email Encryption?
The “What is email encryption?” answer is simple yet complicated. Email encryption makes your email unreadable to third-party intruders by scrambling it or making it a puzzle that needs a key to solve.
Email encryption is done through the use of public key cryptography. This way, the email will be stored in a key server, with the recipient’s name and email waiting for them to decrypt.
Encrypting emails can help secure your data and login details. On top of that, no unauthorized persons can access the sensitive information you’re sending. It keeps you safer and at less risk of being a victim of identity theft and other malicious crimes committed on the internet.
Types of Email Encryption
To figure out how to send an encrypted email, you need to understand the email encryption types. There are two main email encryption protocols: S/MIME and PGP/MIME. When encrypting an email, you must ensure that the person you’re sending it to uses the same type of email encryption; otherwise, it won’t work.
To help you understand how email encryption works, here’s more information on its main types:
S/MIME
S/MIME stands for Secure/Multipurpose Internet Mail Extensions. It’s used for public key encryption and was developed by RSA Data Security. You can find it integrated into most modern devices on the OSX and iOS operating systems. This makes using email servers such as Apple and Outlook easy to use.
When you receive a S/MIME encrypted email, you must decrypt it using a digital signature that’s unique to you. This is why you need to use the same email encryption protocol as the sender. You can also open an encrypted email if you’ve previously received and signed an email from the same sender.
This is an easy-to-maintain email encryption protocol because it’s centralized. The centralized authority determines the encryption algorithm and key size.
PGP/MIME
PGP/MIME stands for Pretty Good Privacy/Multipurpose Internet Mail Extensions. Unlike S/MIME, PGP/MIME is a decentralized email protocol. It encrypts and decrypts emails using the public key infrastructure (PKI) approach. This means that when a sender encrypts an email with their public key, the recipient has to decrypt it with their private key.
This is a more flexible email encryption protocol, but to use it, you’d need a third-party encryption tool. PGP/MIME is easy to use, and you can choose the level of security the encrypted messages you receive should have. It can be used on Gmail, Yahoo, and Proton Mail with the help of third-party apps.
How to Encrypt Emails
How does email encryption work? To better understand how to encrypt your email, we have step-by-step guides on encrypting emails in Gmail, Outlook, iOS, and Android.
Encrypting Emails in Gmail
To encrypt emails in Gmail and other web-based email servers, you can use PGP/MIME. Remember that since it’s a decentralized protocol, PGP/MIME can be accessed through an encryption tool. You can use tools such as Mailvelope, EnigMail, GNU Privacy Guard, or GPGTools.
Mailvelope is a Chrome extension and can be a more straightforward tool to opt for when encrypting an email with Gmail. Before we go through the steps, make sure that you install this extension and allow it to send emails on your behalf.
Step 1: Go to Mailvelope Options
Open the “Key Management” tab. Select, generate, or import your key.
Step 2: Export Your Key
Select the key and press the “Export” button. Save the file with the key on your device.
Step 3: Compose Encrypted Email
Press the Mailvelope icon to compose the encrypted message or press “Encrypt” in the Mailvelope interface.
Step 4: Fill in the Fields and Send
Enter the recipient’s address, subject line, and text. Attach files if necessary. You can also add an extra key in this step. Press “Send.” Keep in mind that your recipient should have a PGP key to encrypt your message.
Step 5: Enter the Key Password
Enter the key password to send the email.
Encrypting Emails in Outlook
Encrypting emails in Outlook requires a digital certificate. If you don’t have one yet, we’ve included details of how to create it in the How to encrypt email in Outlook guide below:
Step 1: To Obtain A Certificate, Navigate to Trust Center Settings
On Outlook, go to Files, click Options, Trust Center, and then Trust Center Settings.
Step 2: Go to Email Security
On the left, click on Email Security.
Step 3: Go to Encrypted Email Settings
Navigate to Encrypted Email, then click on Settings at the bottom.
Step 4: Select the Certificates and Algorithms Option
When a pop-up with the Certificates and Algorithms option appears, click on it, select S/MIME Certificate, then press ok.
Step 5: Wait for the Certificate to be Installed
Once the certificate’s installed, wait until the installation finishes and return to the Outlook menu.
Step 6: Open S/MIME Settings
Choose to encrypt the entire email text and attachments or to add a digital signature. You can do this by following all the steps.
Step 7: Click on the Three Dots
Click on the three dots for more options. These will help you deselect messages you don’t want to encrypt.
Encrypting Emails on iOS
To encrypt emails on iOS, you can use S/MIME, as iOS devices have this protocol integrated. Below are the steps on how to send encrypted email through an iOS device:
Step 1: Go to Mail Settings
Navigate to the Mail Settings of your iOS device and choose the mail account you want to switch on encryption for.
Step 2: Turn on “Encrypt by Default”
Go to the Advanced settings of the account. The “Encrypt by Default” option should have a “yes” next to it. To turn it on, you must have a valid S/MIME certificate on your phone.
Step 3: Click on the Lock Icon
When writing the message, make sure you’ve clicked on the lock icon next to the recipient’s name.
Step 4: Lock Icon Colors
The blue lock icon shows that the recipient also has S/MIME activated and will be able to receive and read your email. The red one, however, indicates that the recipient hasn’t turned on their S/MIME and won’t be able to read your email.
Encrypting Emails on Android
Encrypting emails on Android requires downloading and installing a third-party encryption protocol app. Unlike iOS, Android doesn’t have email encryption integrated into it. This means that you can choose a convenient encryption tool depending on the email server you’re using.
For instance, if you’re emailing with Outlook, it would be easier to opt for S/MIME than it is with other email servers like Gmail. Otherwise, you may have to download a PGP/MIME encryption tool app. With either option, you’ll have to follow the steps similar to the guides we made above.
Suppose you go with PGP/MIME encryption and use the OpenKeychain app to access it. Below are the steps on how to send an encrypted email:
Step 1: Download OpenKeychain
Download and install OpenKeychain using Google Play.
Step 2: Set Up Your Open Keychain User Account
Enter your name, email, and create a password.
Step 3: Generate and Share Your Key
You can now generate your key and tick the box next to “Publish on keyservers,” then wait a little while for it to finish sharing your key after clicking on “Create key.”
Step 4: Encrypt your email
Compose the email you’d like to encrypt, then import it to the email app you’ll use to send it.
Email Encryption Services
Many platforms provide users with encryption services. Some will allow you to encrypt only the body of an email, while others also encrypt attachments. These have proven to help people who aren’t using iOS devices or Outlook email with integrated S/MIME encryption.
Below is a list of some email encryption services you may find useful:
- ProtonMail
- Virtru
- Hushmail
- Enlocked
- Send 2.0
- Workspace ONE
- Startmail
- Mailbox
- Ciphermail
Final Thoughts
Sending sensitive emails and files can be risky as email servers such as Gmail and Outlook don’t automatically protect your emails and everything else that comes with it. This means that the text and files you’re sending are at risk of landing in the wrong hands. Your data can be leaked, too.
The solution is to use email encryption tools such as S/MIME and PGP/MIME. S/MIME is more convenient for iOS device users and people using the Outlook email server. You can find it as you navigate the settings of these platforms.
Learning how to send encrypted email in Gmail or on Android and other devices is possible. PGP/MIME encryption tools can help in such cases. Once you have apps like OpenKeychain or Chrome extensions like Mailvelope installed, you’ll be good to go.
Once you’ve shared your public key and sent some encrypted emails, figuring out how to open an encrypted email will be easy. This means that you can also go on and take other measures, such as knowing whether or not your email recipients open your emails by installing PandaDoc’s free email tracker for Gmail.
FAQs
-
To send an encrypted email attachment on Gmail, you need to download a S/MIME or PGP/MIME encryption tool that’ll allow you to encrypt attachments, as some only encrypt the body of an email. When you’ve composed the email and attached the files, tick on the necessary boxes to encrypt the body of the email and the attached files before sending it.
-
By default, most emails aren’t encrypted. However, if you suspect that yours are, you can deactivate this setting so that emails aren’t encrypted when you send them. To turn off the email encryption protocol you’re using, you go to settings and uncheck the email content and attachments encryption box. The steps and wording used varies according to your email service provider. For example, in Gmail it’s called ‘Confidential Mode’, whereas in Outlook they use the terms ‘Encrypt or Sign’.
-
This depends on whether you’re using Outlook or other web-based emails, and whether you’re using iOS or other operating systems. For Outlook and iOS users, S/MIME is the best encryption software because it comes with them. This makes it easier to activate, generate your key, and then start encrypting your emails.