Invmail encrypts data client-side by default. This data includes emails, contacts, passwords, and various other data provided by users
It is encrypted using a keychain stored in the users browser cache, similar to how a plugin like Mailvelope works.
The key is generated client-side with OpenPGP.js, once generated the public key is uploaded to Invmail's key server in Switzerland and the keychain is encrypted using your account password. The keychain can be backed up to your hard drive at any time and re-imported into the browser.
Every email, even if not sent with End-to-End Encryption, is encrypted at standard with your public key. We also do this for your contacts list, messages, video/voice calls too in a similar manner.
03rd November 2015 | Invmail Team
Invmail is built on a zero-knowledge architecture
When you first log in to Invmail you will see the lengths we go to protect your security.
An encrypted keychain is stored locally in your browser cache and on your hard drive.
The public key is uploaded onto our key server and used to encrypt every email you receive and its metadata on receipt of your email. From contacts to emails, all personal data stored on our servers is encrypted client side by default.
Invacio transparency, a warrant canary is a method by which a communications service provider informs its users that the provider has not been served with a secret subpoena, visit our warrant canary here, we update it monthly.
Tried and Tested Cryptography
03rd November 2015 | Invmail Team
Time-tested and trusted encryption algorithms
We believe that 4096 bit End-to-End Encryption is a must for emails in transit. To provide this capability client-side for non-technical people, To provide this capability client-side for non-technical people the original LB Development team had to completely rethink how an email provider is structured, and how data would be handled before reaching the servers.
No more using Terminal to send emails Invmail is made up from areas that have taken unbroken encryption programs, that have stood the test of time moulded around a user-friendly interface, usable by anyone. Emails are encrypted client-side by default. Every email is automatically encrypted, incoming and outgoing.
Ease of use One of the largest problems within the encryption scene is usability. We as a company feel very strongly that encryption tools should be accessible and usable by anyone, with Invmail this is achieved with a seamless easy to use encryption based email and communication system.
To-date our concentration has been on the functionality, however when we launch out of beta for both Invacio and Invmail we will begin working on mobile devices for both systems...
Due to the size of both the Invacio and Invmail systems when fully operational, the functionality being very complex we will look at bringing the apps out in stages, re-generating the facilities we have on each system in to the applications, in the case of Invmail, this will mean a application originally launching with the email facilities, and the functionality requirements around this, we will also release the messaging system on it's very own devoted application for this system was developed for Invacio but is currently going through integration debugging with the Invmail system and as we can allow duel access in to either of the systems of the same login screen it makes sense to just build one application, naturally for those that use both systems (Invmail is invite only) we will look at ways of coupling the system's user wise.
Then on the Invmail side we will look at launching a application for the Zero-Knowledge Video/Voice Call system that we developed for Invacio as a standalone application that can also like the messenger application be pulled on request by the user, as well as coupling the systems as mentioned in the same fashion as in messenger above.