While encrypted chat messaging apps have made it easy for us to send encrypted messages the same is not true of email. Unlike chat messaging, email is not encrypted by default so, if you want to send encrypted emails using Gmail, you have two options.
Send encrypted emails in Gmail either using Gmail’s built-in Confidential mode or install a 3rd party extension such as Virtru. Emails sent using Gmail's Confidential mode are sent encrypted but can be read by Google. Whereas emails sent using Virtru can only be read by the recipient.
READY TO START YOUR OWN YOUTUBE CHANNEL?
I’ll explain how to use the two options to send an encrypted email but first a quick explanation of how Gmail Confidential works and its limitations.
How Gmail Confidential Works.
Google Confidential allows you to set an expiry date for an email and a password that the recipient must enter to access the email. If you send your email to another Gmail user, they will receive and read the email as per normal within Gmail. However, if you send the email to a non-Gmail address, they will receive a link that opens the email in an internet browser window, residing on a server hosted by Google.
Is Gmail’s confidential mode encrypted?
By ensuring the email never leaves their network, Google is able to maintain the encryption of the email both while in transit and while stored on their servers.
However, the implementation of Gmail Confidential has the Privacy Police shaking their heads.
The biggest problem is that you cannot encrypt attachments; you can only send text-based emails, and recipients can’t reply. Furthermore, Google is able to read the email, so its content is not truly private between you and the recipient. When the email reaches its expiry date, a copy is still held in the sent items of the sender, so nor is it truly deleted from Google’s servers.
Finally, to set a password you must provide Google the recipient’s mobile number, which might be considered an invasion of privacy.
How To Send Encrypted Email using Gmail Confidential.
Click on Compose to draft an email.
Create your email as per normal.
Before clicking send, turn on Confidential mode.
Choose to set an expiry date and password.
Provide the recipient’s mobile number.
Is Virtru Legit?
Now, this is going to sound like a bit of a sales pitch, but I assure you it isn’t my intention. Virtru is completely legit and, what’s more, it’s completely free and is available on desktop and mobile.
Virtru was founded by two brothers John and Will Ackerly, one of whom worked as a Security Engineer for the NSA and the other was a privacy advisor for the White House. Virtru integrates seamlessly with Gmail, encrypting the whole email including any attachments.
Additionally, Virtru includes options to set an expiry date, prevent forwarding, and recipients’ replies are also encrypted, maintaining privacy for the lifecycle of the email conversation.
How Virtru Works
Virtru is a Chrome browser extension and mobile app that integrates into Gmail, managing encryption of your emails so they are unintelligible to everyone except the recipient, including the email hosting provider whether that be Google, Apple, or Microsoft.
How To Send Encrypted Email in Gmail using Virtru.
Start by opening your Chrome browser.
Virtru will not work in any other browser.
Open the Chrome Web Store.
Download and install the Virtru extension.
Open Gmail and activate Virtru.
Click on Compose to draft an email.
Click the option to encrypt the email using Virtru.
Write the email as per normal.
Add any attachments.
Click on Virtru’s Settings icon.
Set an expiry time or date.
Choose to add a watermark.
Choose to turn on Persistent Protection.
How do I open a Virtru email?
If the email is sent to another person who has Virtru installed, they will be able to read the decrypted email natively within their email client and reply, as per normal. Otherwise, they will receive a link to read the email in a secure viewer, which will open in a browser window.
The secure viewer also has a section allowing the recipient to reply, ensuring the email response is also encrypted.
Attachments also encrypted and encapsulated by Virtru using a Trusted Data Format (TDF) wrapper. Clicking on the attachment opens it in Virtru’s secure viewer. A copy of the attachment can be downloaded, saved locally, and reopened in the same secure viewer.
The sender is always able to control access to the email and attachments using Virtru’s dashboard. The dashboard is accessed from the Chrome extension icon. From the dashboard, you can revoke access to the email and the attachment at any time rendering them inaccessible to anyone who has received them, even if an expiry date was set.
Having revoked access if one of the recipients tries to open the email or attachment, they will ask for my credentials, before a message confirms that access has been removed.
How do I send an encrypted email from the Gmail mobile app?
To use Virtru on mobile, download the app from your App Store. On mobile, Virtru operates as its own separate email client albeit directly linked to your Gmail account. Once connected to your Gmail account you can encrypt all your Gmail messages directly from within the Virtru app.
You will need to allow permission for Virtru to access your email for the purposes of being able to encrypt, send and receive them. Once activated, you can start creating encrypted emails by clicking on the compose button. As before recipients who are also using Virtru will be able to decrypt and read the encrypted emails natively from with their own Virtru app. Alternatively, they’ll receive a link to open the email in a secure viewer in a browser window.
Virtru is an excellent free Chrome extension allowing you to encrypt emails sent from Gmail both on Desktop and Mobile, for PC and Mac. However, if you’d prefer not to have to use an additional 3rd-party solution then Gmail’s own confidential mode is worth a try.
If you’re willing to break free from Google and Gmail altogether, then I highly recommend ProtonMail as an encrypted email alternative. Like Gmail, it works on Desktop and Mobile, will encrypt emails by default sent between ProtonMail users, and had similar settings as Virtru to encrypt emails sent to other non-ProtonMail users.