Real End-to-End Security

Protection from your phone to theirs

ExtraSecure encrypts emails before they leave the sender’s phone and only decrypts them on the recipient’s phone. Email are not decrypted at any other point. Limiting the decryption to the participants phones makes email interception impossible.

Our competitors claim “encryption in motion and at rest” or “encrypted at every step”. These claims are much weaker than they appear. Instead of decrypting the email only at the recipient’s phone, they decrypt it on their server and re-encrypt it under their control. With ExtraSecure’s End-to-End Security, even Snowden cannot access your email.

Computer Created Passwords

Use the strongest password you can’t forget

Security experts have known for years that users create weak passwords when given the choice. ExtraSecure generates all its passwords and encryption keys automatically using a cryptographically secure random number generator. Using a generated password forces attackers to exhaustively search for the password.

ExtraSecure’s servers never have access to a user’s password or encryption keys. All passwords and keys are backed up the iCloud Keychain to protect against lost devices. The Keychain protects passwords for iOS and contains extremely advanced security features unmatched by Android and other operating systems. Apple does not have access to the contents of a user’s keychain.

FIPS 140-2 Certified Modules

Resilient, tested, strong encryption algorithms

ExtraSecure uses FIPS 140-2 modules for all its encryption. The FIPS 140-2 standard is defined by the National Institute of Standards and Technology (NIST) and ensures that the cryptographic modules are implemented and tested correctly. Using the highest standard to validate our encryption algorithms gives attackers no room to find vulnerabilities.

Apple leads the industry in security by validating iOS’ encryption modules against FIPS 140-2. iOS incorporates encryption at many fronts, and ExtraSecure makes full use of its abilities. To lean more about iOS encryption, see Apple’s security guidelines.

Advanced Encryption Coding

Combines the best of many encryption techniques

ExtraSecure uses a combination of encryption techniques to achieve the highest security possible on the best mobile platform. Symmetric encryption (AES-256-CBC) is used with a 256-bit key to encrypt the database stored on the phone and to send email. Asymmetric encryption is used with a 4096-bit key to securely share email with another known user.

ExtraSecure follows the OpenPGP standard for implementing secure email. We only allow the strongest supported algorithms in OpenPGP: RSA-4096 and AES-256-CBC. ExtraSecure designers made careful tradeoffs to ensure your email is protected without slowing you down.

OpenPGP Email Encryption

The most trusted standard, improved even more by ExtraSecure

OpenPGP is a standard created by the Internet Engineering Task Force that integrates security into email including authentication, confidentiality, and integrity. These properties allow a recipient to verify the sender, prevent attackers from reading the email, and detect any unauthorized changes in the email. Experts have review and scrutinized OpenPGP’s architecture and improved it over the years to be very secure.

ExtraSecure’s designers examined OpenPGP and decided to improve it in two key areas:

  • Encryption of subject lines
  • No support for weak encryption algorithms

Surprisingly, OpenPGP requires subject lines be not encrypted. Subjects contain very sensitive information, so ExtraSecure carefully adds encrypted subject lines to enhance security. We have also removed support for weak encryption algorithms that do not meet today’s highest standards.

Zero-Knowledge Security

ExtraSecure cannot read your emails

Only you and your recipients can access the secure email you send through ExtraSecure. No one else has any knowledge of your email including your email provider, government, hackers, even us. Even if communications may be intercepted by hackers, your email will still be safe since they do not have the key to decrypt the data. No backdoors, no workarounds – only the recipient has the key to decrypt the data.

ExtraSecure adopts a Zero-Knowledge policy everywhere. Backups within the phone are encrypted, and any backups sent to our servers are encrypted before they leave the phone.