Tech Review: Mailfence Encrypted Email

Late last year, as part of my ongoing “Security Essentials Series” of articles, I listed the worlds top 3 encrypted email service providers, as well as reasons why more Google/Yahoo/MSN customers should strongly consider making the switch to them. However, at the time of the release of my article last July I wasn’t yet aware of another encrypted email service provider out of Belgium. So, now that I have gotten familiar with them, and have reviewed their product and services first hand, here is a quick review of what I have learned and why I now view Mailfence as the worlds top encrypted email service.

Layout

The first and most obvious thing that jumps out about Mailfence is that they have a rather simple/generic user interface, something I actually view as a net positive – not a negative. A lot of companies try to splash around a lot of colors and graphics to make their product appear more visually stunning, but this is often just “vanity” and has zero baring on how good their product/service actually is. Simple and straight to the point is ideal, at least in my opinion. If you want fancy colors instead of security, then continue signing up for Google.

Customer Service

As far as customer support goes, Mailfence‘s response time on social media and through email support are both above average – comparatively speaking. For example, their support staff answered my questions on social media in less than 12 hours time and their email support assisted me with an account name change slightly faster than that. I’ll just say that I have personally paid other computer based companies, who shall remain nameless, far more for far slower response times. Moreover, some companies simply never respond to any questions or inquiries submitted to them through social media channels, something which is clearly not the case with Mailfence.

Payment

Mailfence offers a variety of paid services/plans available at different prices, and all are listed in Euros instead of American dollars. Upon paying Mailfence I found two things very interesting. First is that they perform the currency exchange on their end, meaning they accepted my American dollars for payments – even though they are a Belgium based company. By comparison, I know some other privacy based businesses and VPN service providers located outside the United States will not allow customers to pay with American dollars, it must be in Euros or Bitcoin – such is the case with Perfect Privacy VPN. The fact that Mailfence is open to different payment options from foreign nationals is a big plus in my book.

The second thing I noticed is that the company did not immediately charge my card right away, they actually enacted a delay on the payment for about 24 hours so that they could review the purchase before accepting it. This proves that the company is not just after some quick money/cash grab, and instead actually has some set of moral principles and priorities. I know, imagine that – right?

Privacy

The last point about having moral standards is actually Maifence’s biggest appeal or claim to fame. You see, the company is based out of Belgium, which is known to have some of the strongest and most resolute privacy regulations/protections of any country in the world. In fact, this is why Mailfence‘s owners chose Belgium to host their servers in the first place.

Unlike in countries such as the US, where authorities can literally print out a generic document and sign your name to the top of it one minute and have immediate privileged to hack your devices the next, Belgium actually has a set system of accountability and safeguards in place to protect its citizens and their businesses from the Government. For example, every surveillance request or request for information inside Belgium, including on Mailfence’s servers, must be legally brought in front of a Belgium judge and proven in court as legitimate. In this way Belgium protects user data and business confidentiality in a way that no other country in the world does.

Criticisms

My only real criticism of Mailfence is that they require you to download a 3rd party App to enable two factor authentication on your device. Quite frankly, this is the first security product or service I have seen that does not have their own built in methodology for enabling two factor authentication.

Why Is Mailfence Superior To Other Encrypted Email Services?

If you read my original article on “Encrypted Email Services and Why You Should Consider Making The Switch,” you would have noticed I listed 3 of the worlds top current encrypted email service providers; ProtonMail, Lavabit and Tutanota. Despite listing them however, for none of the reasons mentioned above, here else is why I now consider Mailfence to be a superior product to them all.

ProtonMail almost exclusively tries to sell itself on its Swiss based servers, as does Tutanota, trying to bank on Switzerland’s reputation for protecting the banking industry – no pun intended. But the fact of the matter is that the banking industry is not the same as the cyber security industry, and the same protections afforded to one are not necessarily transferable to the other. The idea that having servers in Switzerland provides you with any more security or peace of mind is largely inflated. Additionally, it is well documented that ProtonMail was first developed by researchers at the Massachusetts Institute of Technology (MIT) -an American University. What is less documented however is the connection those developers have with the American National Security Agency (NSA), need I say more?

Lavabit bases its servers in Texas, USA. Meaning that the US Government can own and/or search their servers literally anytime they want. Moreover, Lavabit has already been shut down by the United States Government once before in the past for their connection with Edward Snowden – enough said. If you care about data security and privacy the United States is generally never a place you should be looking to do business. In other words, there is a reason all the worlds top security companies do not operate out of the US.

Tutanota is already the worlds largest encrypted email service provider, but these are  accolades which come with a lot of unwanted attention. The fact of the matter is that multiple “black-hat” hacking groups have come forward in 2018 publicly advertising Tutanota accounts as their primary means of contact, essentially exploiting Tutanota‘s free email services. I fear that this may ultimately become the services downfall one day soon. For example, Ghostmail was once shut down by international authorities for far less than what we are now seeing come out of Tutanota. If Tutanota‘s services haven’t already been compromised in one way or another yet, my bet is that its owners will be pressured into doing so much sooner than later.



Categories: Tech Stuff

%d bloggers like this: