When you send an email, the security and privacy of the email depend on the encryption methods email providers use. To maximize the level of protection of user data, Liverado supports multiple encryptions.
TLS is an encryption protocol to secure web communications across networks. TLS prevents third parties from eavesdropping and tampering with your messages in transit. It is used in various technologies such as email, instant messaging, opening websites or web applications.
When sending an email, TLS encryption is applied to the message multiple times as it is sent. It encrypts and decrypts between the devices and servers.
However, TLS alone cannot provide enough security for your email. Once they reach the receiving server, they are decrypted.
Standard encryption at rest
Most email providers or cloud services encrypt your emails with a key they retain control, which means they can decrypt your emails at any time. For example, Google uses the Advanced Encryption Standard (AES) algorithm to encrypt data at rest. This puts your email at risk in the event of a data breach, which is why both zero-access encryption and end-to-end encryption are necessary.
Zero-access encryption is a way to protect data at rest (when the information is stored in a server). With this encryption method, even if a hacker compromises the service provider's server and steals your files, they can't decrypt the data. Zero-access encryption ensures that only the data owner has the technical ability to read the data.
End-to-end encryption is a safe communication method that prevents data from being read or modified by any third parties other than the sender and recipient. In principle, it prevents potential eavesdroppers, telecom providers, internet providers and even communication service providers from accessing the encryption keys needed to decrypt conversations.
End-to-end encryption is designed to prevent data from being read or secretly modified by people other than the actual sender and recipient. The sender encrypts the message. Third parties cannot decipher the data being transmitted or stored. Instead, the recipient can retrieve the encrypted data and decrypt it. Even end-to-end encrypted email service providers cannot decrypt encrypted data.
S/MIME is an acronym which provides end-to-end encryption. (Learn more.](help-centre/library/what-are-the-different-kinds-of-encryptions/S-MIME)
S/MIME works using symmetric and asymmetric encryption involving a pair of mathematically related keys: a public key and a private key.
When a sender sends an email with a S/MIME certificate, the email is encrypted with the recipient's public key. Only the recipient can only decrypt the email using the private key associated with the public key.
While a S/MIME certificate encrypts your email and proves that you wrote and sent it, only a certificate authority (CA) can issue a S/MIME certificate. This means that you must contract with your own CA to verify your digital identity.
You can send encrypted emails to non-Liverado users, such as users of Gmail, Apple email, etcetera. These providers have integrated with the S/MIME protocol.
PGP is a proven method of securing email communications with end-to-end encryption. It prevents any third party (including your email provider) from reading the email. Liverado supports both PGP/Inline and PGP/MIME.
You can send encrypted emails to non-Liverado users, such as ProtonMail, Tutanota users. These providers have integrated with the S/MIME protocol.
In order to protect as much data as possible, Liverado uses a combination of TLS, zero-access encryption, and end-to-end encryption.
Plus, even if the person you're communicating with doesn't have a Liverado account. We ensure that our users can communicate encrypted with other PGP or S/MIME users by sharing public keys by supporting PGP and S/MIME.
To enable encrypted communication with contacts that do not support PGP and S/MIME, you can also send a password encrypted message to the recipient.
This combination ensures that all your emails are confidential and cannot be intercepted or tampered with by anyone. Not even Liverado can read or access your end-to-end encrypted email.
Since we are located in Singapore, the country has strict data privacy laws. Our users also benefit from the jurisdiction of Singapore and are fully protected by the laws of Singapore.
Signing up for a Liverado account is easy, and starting today, you have real control over your online data.