Secure email made for you

Tuta: The most secure email service, and the easiest to use.

Secure emails at the tip of your finger

All-round encryption, no tracking, open source - there are lots of factors that make Tuta the most secure email provider in the world. Explore Tuta's security features in detail and learn how its various security measures protect your sensitive data.

Security and privacy go hand-in-hand

When evaluating the security and privacy of any online service, always ask yourself the following questions:

  1. Who pays for it? The users or the advertisers? If the answer is "the advertisers", the service can never offer a truly secure and private solution. Its top priority is the advertisers’ interest by helping them to identify target audiences based on users’ data and to serve them ads. Protecting users' privacy always comes second with such a business model.

  2. Who controls the tech stack? This is a very technical but crucially important question. If a service uses third-party 'tech' such as Dovecot, Roundcube, Google reCaptcha or Google Push, you know for sure that security and privacy cannot be its core priority as the provider knowingly leaks information to others - without warning the users about this. This is another reason why you should choose a service that is open source and doesn’t rely on integrations with closed-source software.

  3. What data is encrypted end-to-end (E2E)? Many providers claim that their service provides secure email and that the data stored with them is 'encrypted'. What makes this question so important is how is the data encrypted? Because only when data is encrypted end-to-end, it is truly inaccessible to the online service as well as to other third parties. Only then the service can be considered as offering secure email. That's why simply "encrypting" data is not sufficient, the data must be encrypted end-to-end.

Control of the software stack

Many email services, even secure ones, use third-party tech like Dovecot, Roundcube and others to build their own products. Every time a so called secure service uses third-party applications, it becomes more difficult to secure said service. The reason is simple: Every service included in the code executes code. Any services' security can't get better than that of its dependencies. Every dependency to third party code must be maintained and security updates need to be applied immediately. In addition, every third-party service can potentially track the users, send data to its own servers etc. That’s why we at Tuta only use open source code that we have vested ourselves before using it. This way we make sure ourselves that the open source tools Tuta does use are secure: We regularly run security reviews of these tools as well as of our own clients, for instance when we pushed our desktop clients out of beta.

Of course, we at Tuta can't re-invent the wheel either. But we have built our entire clients - web, Android, iOS, and all desktop clients - on our own. Plus, we have a strong focus on security in our whole development workflow. All developers share the same DNA: privacy and security first.

One main differentiation of Tuta is that we build all major parts of Tuta ourselves, even outside of the core email functionality such as our captcha, our push notification service on Android and more.

Only with open source - of our own clients and of the software that Tuta depends on - tech-savvy people can audit the code and verify that Tuta is doing what we promise: Securing your private emails to the maximum.

Check here why we recommend to choose our secure desktop clients for Linux, Windows and macOS and why it is so important that we have built our own open source captcha as well as an alternative to Google Push on Android.

Security

We follow the concept of “security first”.

When offering a secure email service, people trust that your security is bullet-proof. To us, this means that there can never be a compromise when it comes to security. Security must be baked into the code so that you can easily add usability on top of that - not the other way around.

This concept of "security first" has led to several development decisions that today guarantee the top-notch security of Tuta:

  • We do not use PGP, but a slightly different implementation (initially based on AES 256 and RSA 2048), which lets us encrypt much more data (subject lines) as well as encrypt all other features that we add to Tuta such as contacts and calendars - which are all 100% encrypted. We have replaced RSA with ECDH (x25519) Kyber-1024 to release quantum-safe cryptography to all Tuta users. In the future, we plan to also support forward secrecy.

  • We do not search through your data on the server because it is encrypted there. Instead Tuta builds an encrypted search index, which is stored locally on your device or in your browser and searched there. This enables you to search through your entire emails (sender, recipient, subject line, body, attachment) locally while protecting your privacy.

  • We do not offer IMAP as it would only work if we sent decrypted data to your device. Instead we have built our own open source desktop clients, which store your data encrypted. The desktop clients are also signed so that everyone can verify that the client is running exactly the same code as the code published on GitHub.

When you create a secure email address with Tuta, you can be sure that your data is kept secure.

End-to-end encryption

Encrypted mailbox, calendar, contacts.

From the start, we at Tuta made sure that as much data as possible is E2E encrypted. Tuta was the world's first end-to-end encrypted email provider and, to this day, it is the email service that encrypts more data than any other.

Tuta encrypts all data by default: Email, calendars, contacts. The end-to-end encryption provided by Tuta ensures that your data is secure and private, even if it falls into the wrong hands.

Tuta's servers only store the encrypted data, and the decryption key is only available to the user. This ensures that even if your internet connection was intercepted or in the extremely unlikely scenario that someone were to hack our servers, your data remains secure.

With its built-in encryption Tuta makes security easily accessible to private users and businesses all over the world. To decrypt your data, you simply login to your secure email address with your password, that’s it. You can easily login via a web browser, via the Tuta apps for Android and iOS, or via the Tuta desktop clients for Windows, macOS and Linux.

How to send a secure email to anyone.

Tuta lets you send secure emails (E2E encrypted) to anyone with a shared password. This means that the message is encrypted on the sender's device and can only be decrypted by the recipient's device. You can easily exchange sensitive conversations or files online, knowing that all data sent via Tuta is securely encrypted end-to-end. You can easily send encrypted emails to external recipients by defining a password. The password is valid for all emails that you exchange with this person, there’s no need to define a new password for each email like with other secure providers.

Zero-knowledge calendar.

Tuta comes with an end-to-end encrypted calendar that lets you schedule and store all your appointments confidentially. Our calendar is an outstanding achievement because not only all data is encrypted, but also the reminders are E2E encrypted. Even the time when a notification is sent to the user is obscured from our servers so that we remain in the dark about all our users’ appointments.

TLS encryption

Securing the email protocol

When sending emails with Tuta, you have clearly chosen the most secure option as Tuta allows to automatically encrypt emails end-to-end.

However, sometimes you might want to send and receive unencrypted emails to and from contacts that don’t use Tuta, when sharing a password with them would be inconvenient. It is much harder to secure these emails because in such a case the email provider can only encrypt the transmission - not the data itself. Besides that, other services are involved, like the recipient’s email provider, which need to make sure that the transmission is completed securely.

To secure unencrypted emails as well as possible, we adhere to the highest possible standards of the SMTP email protocol.

Tuta supports MTA-STS. This standard should be supported by all email services by now because it is to an email what strict HTTPS is to a website: It enforces transport encryption (TLS) whenever TLS is possible.

Tuta also supports SPF, DKIM and DMARC. These three protocols are necessary to harden the infrastructure against intrusion from phishing and spam emails.

Tuta uses strict CSP (Content Security Policy), an HTML sanitizer for showing unknown content (in emails) to prevent XSS-attacks, and, by default, does not load external content from other servers (pictures and videos in emails). The user can choose to have external content shown with a single click or tap, if they trust the sender.

Check here to see how well Tuta scores on Securityheaders.io.

Maximum login protection

Tuta never transmits your password to the server.

When you login to your secure mailbox, Tuta hashes and salts your password before transmitting the hash to our servers. It is impossible to derive the actual password from this hash, so no one can know your password, not even we at Tuta. To protect your password, we use Argon2 and SHA256.

Tuta also provides two-factor authentication (2FA) to add an extra layer of security. To secure your login credentials, you can use TOTP or U2F. We recommend using U2F with a security device as this is the most secure form of two-factor authentication. This ensures that only the authorized user can access their account.

Check out our online security guide on how to keep your emails safe from hackers.

Zero-knowledge Architecture

Tuta uses a zero-knowledge architecture, which means that the user's data is never stored in plain text on Tuta's servers. Tuta's servers only store the encrypted data, and the decryption key is only available to the user. This ensures that even if Tuta's servers are hacked, the data remains secure.

GDPR-compliant

The European GDPR requires companies to secure emails containing sensitive data of EU citizens. Businesses are required to safeguard personal data, even when in transit.

You can now save time and money by hosting all your business emails encrypted on Tuta's secure servers. With Tuta, there is no need to use a plugin or a complicated encryption software on top of a bloated enterprise email solution that used to be a good fit for businesses a decade ago.

Email encryption guarantees GDPR compliance, and Tuta offers the most secure email solution for businesses with full GDPR-compliance.

Tuta follows the principles of data minimization & privacy by design.

We are responsible for the protection of your personal data, and we take this responsibility very seriously. Therefore:

  • Tuta is based on the data privacy principles of "data minimization" and "privacy by design".

  • All user data is stored end-to-end encrypted in Tuta (except for metadata such as email addresses of senders and recipients of emails as this information is needed by the email protocol to deliver the email to the correct address).

  • We have technical and organizational measures in place which protect your data to the maximum extent.

  • Tuta provides an Order Processing Agreement with legally binding data protection guarantees to help you demonstrate your compliance with GDPR.

Please read our full privacy statement for details.

Our built-in encryption and the fact that we enable you to send an encrypted email to any recipient in the world make Tuta a perfect fit when looking for the best secure email for your business. Tuta helps you easily send sensitive personal data end-to-end encrypted, thus, making sure that your company is GDPR-compliant.

Read on our blog to find out how Tuta can help your business achieve GDPR-compliance.

Privacy made in Germany

Germany has one of the strictest data protection laws.

Data privacy regulations in the European Union (EU) are among the strictest in the world, and among all European member states, Germany has one of the strongest policies: the Federal Data Protection Act (Bundesdatenschutzgesetz). The EU General Data Protection Regulation (GDPR) was in large parts designed based on the German Federal Data Protection Act.

This law protects users of internet services. It puts the user in charge of what should be done with their data: Companies (=we) are not allowed to collect any personal information without express permission from an individual (=you), (e.g. name, date of birth, IP address).

In addition, in Germany there is no law that could force us to submit to a gag order or to implement a backdoor.

You can find details about German data protection laws on our blog and in our Transparency Report.

Data stored in Germany

Tuta stores all data encrypted in highly secure data centers in Germany.

All data in Tuta is stored end-to-end encrypted on our own servers in ISO 27001 certified data centers in Germany.

No one has access to our servers except our permanent administrators, who need to pass multiple-factor-authentication before gaining access. All productive systems are monitored 24/7 for unauthorized access and extraordinary activity.

Anonymous email service: No tracking, no ads

Tuta is an anonymous email service that does not track you.

Our business model is different from most email services: Due to the encryption, we can not scan your emails. We do not track you. We do not send targeted advertisements to your mailbox. This means that your data is not used for any other purpose than to provide email and calendar services. This ensures that your data is never shared with third-party advertisers or other entities, which could compromise your privacy.

By default, Tuta does not log IP addresses when you login or when you send an email. Upon registration you do not need to provide any personal data (e.g. no phone number is required), even when you register via the Tor browser. Tuta strips the IP addresses from the mail headers in the emails sent, so that your location remains unknown. Despite all these protections, you might still want to keep your IP address hidden even from us, which is why we will never add a VPN or a browser to our offer. Offering a VPN does not make any sense. Because if we did, we as the email provider would still be able to find out the users’ original IP addresses, if the connection were to be made via this VPN. For privacy reasons, it is better to keep the two services separated.

Enhanced privacy features

Tuta is an email service built with privacy at its heart.

Companies love email for marketing campaigns. Because email by default does not respect your privacy. When you receive a marketing newsletter, the email usually loads external content (e.g. images, videos). In this instance you are being tracked: IP address, browser you are using, and more information is being transmitted to the sender.

Tuta offers an email service that automatically protects from those tracking methods:

  • Tuta blocks images by default. No external content is loaded when you open an email unless you actively allow this.

  • Tuta strips all header information (IP address) from emails sent to protect your privacy.

  • Tuta warns you when the technical sender differs from the from sender. To fake the from sender is a typical method used in phishing attacks. On our blog you can find more tips on how to prevent email phishing.

Monitor & close sessions remotely

Check if anyone has accessed your encrypted Tuta mailbox.

Tuta lets you check active and closed sessions as an opt-in feature. This allows you to verify that no one but yourself has logged into your account. Closed sessions are automatically deleted after one week. Tuta’s session handling also enables you to close sessions remotely. When you lose your mobile phone and you are still logged in with the Tuta app, you can close this session from any other device. By closing the session remotely, you make sure that no one can access your secure emails on the lost phone.

IP addresses of open and closed sessions are always stored encrypted and automatically deleted after one week. Due to the encryption only you can access this information. We at Tuta have absolutely no access to this information.

Committed to open source

Free and open source emails for everyone.

Tuta focuses on security and privacy. To us, open source is essential to achieve both. We have published the Tuta web client, the Tuta desktop clients as well as the Android and iOS apps as open source software on GitHub.

This way everyone can check the code and verify that there are no bugs or security vulnerabilities in the code base. By being open source potential issues can be noticed and fixed much faster than it is the case with closed source applications.