Data and permissions

2 articles c.Email Support By c.Email Support

Where and how your data is stored.

Where your data is stored

This section details how c.Email uses your data and the permissions you can choose to grant the app.  We created c.Email to help our users protect their digital privacy with end-to-end email encryption. As a rule, we collect as little information on our users as possible and only where necessary to fulfil core functionality.  When you carry out your initial identity check, your identity information and a template of your biometric data is stored on your device only – they never go anywhere else. This is so you can use our For Your Eyes Only setting (which ensures emails are only decrypted when the intended recipient is looking at the screen, preventing your emails from being read even if your device is stolen when unlocked. ).  Once you have confirmed your identity, we turn your email address into a hash-based message authentication code (HMAC). This is a hash of your email address, combined with a secret key, then hashed again. We link the HMAC to your public verification key and public encryption key via a smart contract executed on our blockchain (the C-layer). The purpose of this is to rule out brute-force guessing of email addresses.  When you send or receive an email, c.Email corresponds with the C-layer to retrieve the relevant public key to encrypt and/or authenticate it. These keys are indexed by an arbitrarily chosen random identifier. Our server maintains a mapping from email HMACs to these random identifiers. We don’t store, encrypt, or decrypt any of your data on our server.  When you read a For Your Eyes Only email, the content is only decrypted if you continuously pass a liveness check. No data is captured or stored from this check.  Your private decryption key, as well as your identity data, are never stored anywhere other than your device, or shared with any third party. For more information, you can read our privacy policy.  Notifications from c.Email do not include or store message contents. This means any third party attempting to read your emails will be unable to do so by accessing your device’s notification database.  A hash is a cryptographic function that converts any piece of data into a fixed-length string of numbers and letters. It is one-way, not reversible: meaning the original data cannot be discovered from the hash. This is why it is safe to store on a blockchain. 

Permissions

Gmail/Outlook authentication: When you first download c.Email, you will be prompted to grant the app access to your Gmail or Outlook account. This is so you can send and receive messages in c.Email. Authentication will take place via your existing provider’s usual portal.  Biometrics (Face ID or fingerprint): c.Email uses biometric sign-in as a more secure alternative to passwords. You will be prompted to allow c.Email to enable biometrics when you first download the app. If you are using iOS, this will be Face ID. If you are using Android, this will be a fingerprint scan.  Camera access: You will need to grant camera access to complete your liveness check when verifying your identity.  When you receive a For Your Eyes Only email, it will only be decrypted when you are looking at the screen. We use the camera to complete a check against a template of your biometric data (taken from your ID when you verify your identity and stored on your device only). No data is captured or stored at this point.  Contact access: This is optional and turned off by default, but can be turned on in your c.Email settings. Granting contact access will result in improved contact suggestions when composing emails.