|Type of site||Webmail|
|Users||250,000 (August 2014)|
|Owner||Andy Yen, Jason Stockman, Wei Sun|
ProtonMail is a free web-based encrypted email service founded in 2013 at the CERN research facility by Jason Stockman, Andy Yen, and Wei Sun. ProtonMail is designed as a zero knowledge system, using client-side encryption to protect emails and user data before they are sent to ProtonMail servers, in contrast to other common webmail services such as Gmail and Hotmail. ProtonMail servers are located in Switzerland, outside of US and EU jurisdiction. The service received initial funding through a crowdfunding campaign, and will be sustained long-term by multi-tiered pricing, although the default account setup is free.
ProtonMail has approximately 250,000 users as of August, 2014.
ProtonMail accounts use two user passwords: the first to authenticate the user into the ProtonMail system and the second to decrypt the user's electronic mailbox. This decryption takes place client-side in a web browser. The second password is known only to the user; as ProtonMail's servers hold the user's data in encrypted form, password recovery is not possible nor can ProtonMail decrypt user messages under a court order.
Similar to Snapchat, ProtonMail also includes a message expiration feature: messages can optionally self-destruct from the ProtonMail system after a period of time.
Protonmail accepts Bitcoin.
ProtonMail uses a combination of public-key cryptography and symmetric encryption protocols to offer end-to-end encryption. When a user creates a ProtonMail account, their browser generates a pair of public and private RSA keys. The public key is used to encrypt the user's emails and other user data. The private key, which is capable of decrypting the user's data, is symmetrically encrypted with the user's mailbox password in the user's web browser using AES-256. The public key and the encrypted private key are then both stored on ProtonMail servers. Thus, ProtonMail only stores decryption keys in their encrypted form, so ProtonMail developers are unable to retrieve user messages.
ProtonMail-ProtonMail messages are then encrypted with public mailbox key of the recipient. Once a user logs in, their mailbox password decrypts their private key, revealing their Inbox. ProtonMail to non-ProtonMail email addresses are handled with or without encryption. Without encryption, the emails will be sent in clear text. With encryption, the message is encrypted with AES under a shared password, distributed in advance between the two parties. The non-ProtonMail recipient receives a link which takes them to the ProtonMail website. Once the pre-shared password is supplied, the email is decrypted in the web browser. Emails from non-ProtonMail address to ProtonMail are sent in clear text.
A video demonstrating a cross-site scripting attack was shown in July 2014. The ProtonMail developers reviewed the video and confirmed that the issue only affected an early development version of ProtonMail that was released in May 2014, and the attack did not affect the current version.
ProtonMail administrators maintain and own their own server hardware and network to avoid trusting a third party. In response to overwhelmed servers, in mid-2014 ProtonMail founders began expanding server architecture. The service is currently powered by two redundant datacenters in central and western Switzerland. Each datacenter uses load balancing across web, mail, and SQL servers, redundant power supply, hard drives with full disk encryption, and exclusive use of Linux and other open-source software. ProtonMail also joined the RIPE NCC in an effort to have more direct control over the surrounding Internet infrastructure.
Transport Layer Security (TLS) is used to secure and encrypt all Internet traffic between users and ProtonMail servers. A whitepaper and source-code are coming soon, according to the developers. Protonmail.ch holds an "A" rating from Qualys SSL Labs.
ProtonMail uses a web-based interface, similar to Gmail. Users also have the ability to set expiration dates for emails and encryption passwords for outgoing emails to non-ProtonMail users.
ProtonMail was created in response to the 2013 disclosure of global surveillance and interception of email by the NSA, and is inspired by Gmail, Lavabit, and Snapchat.
On June 17, 2014, ProtonMail started a crowdfunding campaign via Indiegogo with the goal of raising $100,000 USD. On June 30, 2014, the PayPal account of ProtonMail was frozen, preventing withdraw of $251,721 worth of donations in the account. A representative of PayPal stated that the company froze the account over the doubts of the legality of the encryption, statements that were unfounded. The restrictions were lifted the following day. The campaign ended on July 31, 2014 with a total of $550,377 raised from 10,576 donors.