A secure email service, ProtonMail, is launching a new feature encrypted contacts manager for its users. The manager provides “zero access” to contacts, ProtonMail says, that means the company cannot view what users have saved. It has a digital signature, which should prevent anyone from compromising or tampering with contact details.
ProtonMail says attackers might compromise a user’s communications by editing a contact’s email address or phone number without that user realizing. The verified signature prevents this, to make edits requires a private key. This key’s also integral to the company’s technique for securing contacts generally. each email account features a unique private and public key pair of contacts. that private key comes from a form of every user’s password, that the company does not know. Then, the encrypted contact fields are encrypted with every user’s public key, that means it will only be decrypted with the corresponding private key. the 2 keys work in tandem.
This contact storing strategy differs from Apple and Google, which can access contacts stored in the cloud. ProtonMail says it designed the feature for journalists who wish to protect their sources.