Woman emailing in home office using laptop with phone on desk
Article
3 min

How To Send A Truly Private Email (Can It Be Done?)

Posted by Picture of Sam Kendall Sam Kendall

Email is a convenient way to communicate with colleagues, clients, and friends. However, it is important to remember that email is not always private. Emails can be intercepted by hackers, government agencies, and even your own employer. If you need to send private information, it is important to take steps to protect it.

Can It Be Done?

Yes, it is possible to send a private email.

However, it is important to understand that there is no such thing as 100% guaranteed security.

Even if you take all of the right precautions, there is always a risk (however small) that your email could be intercepted.

Sending A Private Email

Email interception can occur as a result of:

  • Cyber threat: Malicious third-parties can use various methods to intercept your emails if they are not protected.
  • Human error: You could easily send a private email to the wrong person by typing in or accepting an autofilled address.

To send a private email, you need to protect against both of these risks. This can be done by encrypting data and authenticating recipients.

Encryption scrambles message data so it's not readable to human eyes. Authentication protects the keys to decrypt message data, releasing them only once the right people have passed certain checks.

Encryption disguises the contents of your emails

To truly protect an email, you need encryption to disguise a message 'end-to-end' (from sender to recipient) and authentication to verify that the recipient is the right person to unscramble a message for.

Different Types Of Encryption

There are a number of different encryption methods that can be used to protect private emails. Here are the most common encryption types:

  • Transport Layer Security (TLS) is a standard security protocol that is used to encrypt data in transit. When you use TLS to send an email, the data is scrambled before it is sent over the internet. This makes it very difficult for anyone to intercept and read the data.
  • Pretty Good Privacy (PGP) is a more advanced encryption method that uses a stronger algorithm than TLS. PGP is also more flexible than TLS, as it allows you to encrypt emails to specific email addresses.
  • AES-256 (End-To-End) is an encryption method that uses a 256-bit key. This makes it very difficult to break, even with the most powerful computers. AES-256 encryption can be combined with authentication methods to ensure only verified recipients can gain access the keys needed to decrypt and access sensitive email data.

TLS encryption is suitable for everyday personal emails, and is used by most email providers including Outlook and Gmail.

However, if you want to send a truly secure email you should use AES-256 or PGP encryption and combine it with recipient authentication.

For military-grade security, appropriate for highly sensitive information, businesses should use AES-256 encryption to prevent breaches.

Different Types Of Authentication

There are a number of different recipient authentication methods that can be used to secure emails. The most common methods are:

  • Question-and-answer authentication (Q&A): This method can be highly secure if the question and answer are unique to the sender and recipient. For example, a question about a shared experience or inside joke would be difficult for a hacker to guess. However, this method might not be suitable for business communication or sending emails to new contacts.
  • SMS code authentication: This method is convenient and widely accessible. It has been shown to block 99.9% of automated cyber attacks. However, its security depends on the recipient's mobile phone security. If a hacker gains access to the recipient's phone number, they could potentially intercept the code.
  • Government document authentication (ID&V): This method offers the strongest verification as it requires a government-issued ID for access. This is ideal for highly sensitive information exchange but might be considered an excessive security measure for everyday communication.

Challenge questiona Mailock UX (1)

The best authentication method depends on the context and sensitivity of the information you're sending.

Consider factors like recipient familiarity and ease of use when choosing a method that balances security with practicality.

How To Send A Truly Private Email

To send a truly private email, you should use a secure email service that utilises encryption and recipient authentication.

Choose the right methods based on your needs - for everyday emails, TLS might suffice, but highly sensitive information might require stronger measures like AES-256 and ID&V authentication.

For business use cases, review our rundown of the best secure email services to help you to protect sensitive data.

Deliver sensitive information securely with Mailock

 

Originally posted on 25 05 23
Last updated on March 22, 2024

Posted by: Sam Kendall

Sam Kendall is an expert researcher, editor, and marketing specialist. He has worked with B2B brands for almost a decade helping them to refine their digital strategy and streamline ground-level implementation. Sam is passionate about new developments in user experience, demand generation marketing, and customer communications.

Return to listing