Although email is one of the most popular modes of communication on the web, email encryption isn’t very prevalent. Google now hopes to change that by preparing a Chrome plug-in that can enable end-to-end email encryption.
Currently, the bulk of email sent from Gmail accounts is encrypted. But a comparison with other email services reveal that other vendors aren’t too keen on email encryption. The issue has been a part of the hotly contested debate about privacy.
The Chrome plug-in that Google is readying will be compatible with multiple services, it seems. If the encryption is enabled on Gmail emails, it will require the same service to be available at the recipient’s end to decrypt it. While Google hasn’t revealed the details of the plug-in, the idea behind it is to probably end-to-end email encryption through the browser itself.
The actual release of the plug-in is still a while later. For now, the company is sharing the plug-in’s source-code with the developer community so that any bugs or vulnerabilities could be sorted out timely. As an added incentive for the developers, the plug-in bug-reporting is covered under the company’s Vulnerability Reward Program, so that any developer who spots a valid vulnerability in the plug-in gets to receive cash reward.
Since the plug-in will work with Gmail as well as other email services, it remains to be seen how this encryption could be enabled on the likes of Outlook or Yahoo Mail. Google may have worked around it by offering something like app permissions.