Certain communications I send require extra security, also known as encryption, which most Android email clients cannot deliver. Encryption ensures the emails I send to specific recipients can only be read by those with a matching key to decrypt the contents of the email.
You’ll need a third-party app for this level of security on Android. For encryption in email, you’ll require a different email client, as Gmail won’t cut it. I prefer Thunderbird on Android because it’s an outstanding email client, works with PGP (Pretty Good Privacy), and is an open-source application.
Also: The Thunderbird email client finally landed on Android, and it was worth the wait
The app I chose for encryption on Android is OpenKeychain. This tool makes it easy to add encryption to Android.
Let me show you how it works.
Installing OpenKeychain
What you’ll need: The only thing you’ll need is an Android device (phone or tablet) and a valid Google account. That’s it. Let’s make some encryption magic.
Log in to your phone or tablet and open the Google Play Store app.
Type OpenKeychain in the search field. When the entry appears, tap it and then tap Install to add the app to your device.
Installing OpenKeychain on Android is as simple as a single tap.
Screenshot by Jack Wallen/ZDNET
Creating your first key
The next step is to create your first key. Here’s how.
1. Open the newly installed app
Swipe up on your home screen to open the App Drawer. Scroll down until you locate OpenKeychain and tap the launcher.
2. Create your key
In the main window, tap Create My Key. You will then be required to walk through a simple wizard that will have you:
- Type your name (or a nickname)
- Add an email for the key
- Optionally enable the key to be accessible via keyservers
Once you’ve finished the above steps, tap Create Key at the bottom right.
You can create your key and a security token — and even import keys from files.
Screenshot by Jack Wallen/ZDNET
One of the cool things about OpenKeychain is that it’s easy to share your public key (remember, a key is a pair with a private and public key). After you create your key, you can tap the entry, where you’ll see options for sharing and copying.
Also: 3 ways to stop Android apps running in the background – and why I always do
For other people to send you an encrypted email, they’ll have to send you their public key; for you to send others an encrypted email, you’ll have to send them your public key.
You can share your key with others so they can send you encrypted messages.
Screenshot by Jack Wallen/ZDNET
With OpenKeychain, you can easily import keys (from a file) by tapping the + button on the main page and tapping “Import from File”.
To import a recipient’s key, tap “Import from File”.
Screenshot by Jack Wallen/ZDNET
Adding encryption to Thunderbird for Android
Thunderbird isn’t the only Android email app that supports encryption, but it’s the one I use, so we’ll be working with that tool. You can install Thunderbird for Android from the Google Play Store.
1. Open Thunderbird Settings
After you’ve installed Thunderbird and added your email account, tap the menu button in the upper-left corner and then tap the gear icon at the bottom of the sidebar. From the list of email accounts, tap the one you want to work with encryption.
The gear icon appears at the bottom of the Thunderbird sidebar.
Screenshot by Jack Wallen/ZDNET
2. Navigate to “End-to-end encryption”
At the bottom of the “Account settings” page, tap “End-to-end encryption”.
3. Enable OpenPGP support
On the “End-to-end encryption” page, ensure “Enable OpenPGP support” is enabled by taping the On/Off slider until it’s in the On position.
Make sure you’re enabling OpenPGP support for the correct email account.
Screenshot by Jack Wallen/ZDNET
4. Select your key
Under the Enable entry, tap the “Using key” line and then, when prompted, select the key you want to use for encryption (this will be the key you created in OpenKeychain).
Tap “Using key” to select the key you want to use.
Screenshot by Jack Wallen/ZDNET
Return to the main Thunderbird window now that you’ve added PGP support. Hopefully, at this point, you’ve imported a PGP key from a recipient that will receive an encrypted email from you. Tap the Compose button and then tap the menu button at the top right (three vertical dots).
From that menu, tap Enable Encryption. Once you’ve done that, type the recipient’s email address (for which you’ve added the PGP key), and the lock icon should turn green, which means the email is encrypted. You can now type your email and send it.
Also: 3 ways to stop Android apps running in the background – and why I always do
Remember that the recipient’s email client must also support encryption. Otherwise, they’ll have to save the encrypted attachment and decrypt it manually.
And there we go — you’ve just added encryption to Android for an extra layer of security.
