Greater security, professionalism, and comfort: Secure emails with mail.ch
mail.ch stands for a high level of security and data protection. Email security is the essential foundation of our professional, secure service and combines a secure email mailbox with convenience, reliability, and exceptional product quality.
Server-side transport encryption via SSL/TLS and PFS
We have used server-side transport encryption for years to protect and secure your email communications. Transfer of your data is encrypted. As a supplement to our security measures, we also use PFS (Perfect Forward Secrecy) with transport encryption. The use of PFS ensures that even if our secret main key is lost, the email communication that is sent via TLS cannot be decrypted by third parties.
The innovative DANE and DNSSEC encryption technology is used as the foundation for signed, forgery-proof DNS answers (digital fingerprint) and the use of such technology can also ensure encrypted transmission of emails even across national borders:
Authentication of an SSL certificate before establishing the connection via a "digital fingerprint"
The authenticity of the sender of DANE information is ensured in conjunction with DNSSEC
Manipulation of data during transport is prevented
Securing mail and web servers
Securing the email address as well as all alias addresses
Securing all protocols (IMAP, POP3, CalDAV, CardDAV, WebDAV)
mail.ch signs all sent emails with a DKIM signature.
DomainKeys Identified Mail (DKIM for short) is an identification protocol for ensuring the authenticity of email senders. It was designed to help prevent unwanted messages such as spam or phishing. Recipients can therefore ensure that emails are really sent from from a mail.ch server.
Our two-factor login within mail.ch reinforces our efforts to provide you with optimal levels of security in combination with ease of use. We provide two methods of protecting the email account with a two-factor approach: The authenticator, and U2F devices.
An authenticator provides a second parameter that is required for access to your emails - the 6-digit authenticator code. This code is generated by an app that is provided for Android and iOS. The apps can be found in either the Apple AppStore (iPhone/iPad) or the Google PlayStore (Android).
U2F (Universal Second Factor)
The standardised U2F procedure requires a small device that is connected via USB or Bluetooth, and therefore ensures that only you can use the email account with this device. The U2F token can be used for other services that support this process as well as for mail.ch. U2F-capable devices can be bought from 5 CHF upwards.