Posted on

How Email Encryption Protects Everyone in the UK

In the UK, there’s talk of government moving to ban end-to-end encryption. According to leaked documents, the legislation in question would force technology companies to “build backdoors into their products, in an attempt to allow its intelligence agencies to access civilians’ private data and messages.”

 

This is alarming for many reasons.

Backdoors are easy to exploit. It’s not a case of only granting access to government surveillance teams. Encryption technology doesn’t work that way. Once a backdoor is built into technology, anyone with the know-how — including criminals or corrupt government officials — could gain access to private data. It’s no longer secure.

Frustratingly, a move like this also assumes everyone who uses encryption is a criminal or planning a terrorist attack, despite the fact that all citizens in the UK have a right to communicate securely and privately.

Encrypted communication protects everyone, whether you’re sharing sensitive client documents, planning an event or sending family photos of your baby.

 

Without encryption communications, we’re all at risk

Earlier this year, the UK home secretary pushed for WhatsApp, the widely popular messaging service, to install backdoors in its technology to make it accessible to authorities. Her reasoning was that criminals are discussing their plans using the app and investigators require access.

While no one can prevent criminals from using encrypted communications, a ban on it would risk exposing huge swaths of financial and personal data, simply for the sake of catching a small number of criminals. It’s too big of a threat on civil liberties.

Relying on mainstream telecommunications providers for secure email just isn’t advisable either. Providers regularly store communications and must comply with requests from law enforcement to hand over data.

A sweeping bill — nicknamed The Snooper’s Charter — passed last year in the UK, giving government even more surveillance power and the ability to hack and store data relating to internet use. The Investigatory Powers Act gives the British state the ability to compel service providers and mobile networks to store what you do online for 12 months.

This includes email correspondence and browsing histories.

 

PGP encryption is for anyone who needs it

Myntex users are individuals or businesses in the UK who value their privacy and security. They’re committed to being able to express themselves freely without outside intervention. Businesses have trade secrets they want to protect, as well as sensitive information that cannot be leaked like financial reports and health data.

Using BlackBerry email encryption protects these communications by making intercepted messages impossible to read, and deleting the messages themselves within 24 hours. Because we don’t store messages or encryption keys, there’s nothing for us to turn over to law enforcement even if we are the subject of a subpoena. You’re protected no matter what laws are enacted in the UK.

 

Ready to learn more about encryption?

Posted on

Everyone Has the Right to Privacy: Knowing Your Digital Rights in the Netherlands

Everyone has a fundamental right to privacy. It’s a reality that in our fast-paced digital world, this right to privacy is constantly under threat. Unlike paper data, digital information can swiftly move across borders and fall easily into the wrong hands. Mobile internet usage in the Netherlands has skyrocketed in the last five years. Statistics show that 80% of Dutch citizens are mobile internet users.

Unfortunately, many people continue to use insecure communication methods that put their privacy at risk, often due to a lack of education about digital privacy laws and surveillance tactics. Knowing your digital rights in the Netherlands will help you make choices that will ultimately guard your privacy.

 

Digital privacy laws in the Netherlands

Laws pertaining to electronic communications and personal data privacy in the Netherlands fall under either the Personal Data Protection Act (PDPA) or the Telecommunications Act, and sometimes both.

Under the PDPA, personal data can be legally accessed under certain conditions. Consent must be obtained by the data subject (that’s you) before the act of collecting or processing any identifiable information. Of course, there are exceptions to this right to consent. It’s still possible for your personal information to be shared without your knowledge because of requests from internet service providers or Dutch law enforcement agencies.

According to the Telecommunications Act, it’s your right to be informed by your service or network provider that there’s been a breach of security. Dutch law says that data can be legally stored if it is being used in a criminal investigation or persecution of a serious offence such as terrorism. In this context, the stored data can only be kept for one year.

If you suspect that your personal data is being viewed or processed, it’s your right to request the service provider or party in question to confirm whether or not this is the case. It’s also your right to ask for the logic behind why your data is being processed. You must receive a response in writing within four weeks.

Dutch citizens have the right to submit complaints about digital privacy violations to the Dutch Data Protection Authority via the National Ombudsman.

For more information and support on digital rights in the Netherlands, consider checking out Bits of Freedom, an advocacy organization.

 

How to protect yourself

While Dutch laws seem to have the intention of protecting citizens, it’s obvious that exceptions made for law enforcement investigations and security breaches could still put your personal privacy at risk.

It wasn’t encouraging to see this Dutch official express a willingness to sacrifice privacy for security in order to install encryption “backdoors” in popular messaging apps (luckily, the Dutch government didn’t agree).

Nonetheless, here are some tips for protecting yourself.

Take the time to research telecommunications providers in the Netherlands. The two biggest issues for telecommunications providers are data storage and interference from law enforcement.

A popular provider, KPN, was the victim of a massive hacking incident in 2012. A 17-year-old managed to gain access to the KPN servers and the email addresses of two million users. KPN was forced to revoke access to the email accounts and ask users to reset their passwords.

The company was ultimately fined by the Netherlands Authority for Consumers and Markets for “insufficiently securing customer data.”

The logical next step is to choose a provider that not only encrypts your communications, but doesn’t actually store any of your private information.

Beyond researching your telecommunications provider, consider what may happen to your digital data if you try to cross an international border, as some citizens have run into problems trying to enter the U.S. in recent months. Border guards have asked to search their mobile phones.

While it seems to be within the rights of travellers to refuse the search, it may be easier to delete any unnecessary apps before travelling, take a temporary phone while on vacation or simply use an email encryption service that automatically deletes messages over a day old, and can be wiped at a moment’s notice.

 

Choose PGP encryption for secure communication

Because as citizens we’re at the mercy of laws set by those in power, it’s vital that you choose a communications provider, and a secure device, that makes reading your email impossible.

While BlackBerry PGP encryption can’t necessarily stop emails from being intercepted, the emails themselves are encrypted and can’t be read. You’re in total control of your privacy.

 

Interested in how to protect your communications? Find out more.

Posted on

Why Myntex Owns Their Canadian Data Centre (and Why That’s Important)

Unlike many encrypted email providers, Myntex houses their servers onsite at our Canadian headquarters. We’d like to explain why having our data centre on the premises is significant, and how this influences how users ultimately choose between encryption providers.

 

We have total control over our servers

Because our data centre is located in our headquarters, we have total control over it. In the event of an issue arising, we can be onsite immediately to troubleshoot the problem. We keep the servers running smoothly, installing critical updates ourselves, controlling the heating, cooling and humidity, and ensuring we have disaster recovery plans in place.

This means fewer interruptions to PGP BlackBerry encryption services for users.

DDOS attacks are a massive problem for communication companies. Competitors, activists and hackers launch DDOS attacks to disrupt users’ service and sometimes even to test exploitable networks. Running your own data centre means you can use multiple methods of DDOS protection with flexible mitigation options.

Our office is located in Canada, so we benefit from laws that protect the digital privacy rights of citizens. Canadian laws aren’t as invasive as those in other countries. If law enforcement wanted to gain access to our servers, they would need a warrant.

Of course, even if Canadian authorities did gain a warrant, they wouldn’t be able to access any emails because they are deleted every 24 hours and without access to the PGP keys, decryption is impossible (more on that later).

 

No security in unstable countries

Unauthorized access to data centres is a real threat in less stable countries. Unfortunately, many encryption providers choose to house their servers in countries different than their headquarters. They may not own their own data centre, as this is a significant investment, so they co-locate in someone else’s data centre. This is incredibly risky for several reasons.

Unstable countries often have unstable governments, who are more likely to bribe a data centre employee for access to their servers. Your data may feel safe until it’s not. As well, there’s no one onsite from the PGP encryption provider to keep tabs on equipment failure, tampering or theft.

 

We don’t actually host data

It’s important to note that all data that comes through Myntex’s servers is encrypted. The encrypted email service is also subject to an automatic delete policy, which means emails are wiped every 24 hours. No one’s data sits needlessly on our servers.

 

Have more questions about our Canadian data centre? We’re happy to chat. Get in touch.

Posted on

The Reality of Encryption

We’ve all seen political leaders and law enforcement from around the world trying to abolish end-to-end encryption, why is that? Follow along and we will share why we think encrypted communication is being scrutinized.

In countries around the world today encryption goes hand in hand with the right to privacy. You as a person have the right to privacy, and henceforth the right to secure your private data. While this seems like an opportunity to hide wrongdoings, or illegal activities this isn’t the case for the grand majority of the population.

The average person uses encryption far more than they may be aware of. At the time this article was published over half of web traffic has been encrypted using the HTTPS protocol. Why is internet traffic encrypted? Well that’s quite simple! Without encryption, hackers, scammers, and criminals would have access to all the data you transmit and receive on a daily basis. HTTPS wasn’t created and implemented to cover up a criminal conspiracy theory, it was invented to allow the safe transit of information.

So what would happen if the powers that be succeeded in ending encryption as we know it? Well this is where it gets interesting! Encryption is plain and simply just math… The same kind of math that was invented by the Babylonians nearly four thousand years ago. So quite frankly we don’t see Math going anywhere anytime soon. That being said, this means encryption itself would be the target of a new law forbidding math!?

Let’s imagine for a moment that this encryption ban was successful, what would that mean to the average law abiding citizen? Well it would be quite detrimental to your digital life as you know it. You would no longer be able to secure or encrypt family photos, email accounts, digital journal entries, or any other digital information stored on your computer, cellphone, hard drives, etc. This would cause mass data leaks, and theoretically end the last bit of privacy/anonymity we as law abiding members of the digital age possess.

In this same theoretical circumstance what would that mean for the criminals that were the initial target for the encryption ban? Well… to be frank, if someone was to break the law as a way of life, why would they draw the line at this new encryption law? Albeit a new kibosh on encryption would not affect criminal behavior in any way, if they are prepared to live a life of crime why would they follow this law and break all the others?

In our humble opinion the idea of putting an end to encryption would be setting us further back than forward. We believe everyone has the right to their privacy, and by implementing a ban on encryption it would only succeed in removing freedom and privacy from the people who deserve it most.

Nothing to hide is not the same as nothing to lose.

Don’t hesitate to reach out to us here at Myntex to let us know what your stance on encryption is!

Posted on

PGP for BlackBerry: How Does it Work?

PGP is a widely used method of protecting personal and private communications between individuals and businesses. Since its invention in 1991, it has become the de facto standard in email encryption. Having undergone many improvements and updates since it was first released, PGP remains the most secure way to send email on an encrypted BlackBerry.

 

Heres a rundown of how the technology works, what it means to email users and why Myntex uses BlackBerry encryption.

 

Encrypted email cant be read

With the use of PGP, BlackBerry users can send encrypted email messages that only the intended recipient can decrypt and read. PGP cannot prevent email messages from being intercepted. But because messages between PGP BlackBerry devices are encrypted, an intercepted message is meaningless and unreadable.

PGP encrypted email can only be decrypted by the intended recipient.

Using PGP, BlackBerry users can also authenticate their identity when sending secure messages, so the recipient can guarantee the message was not sent by an imposter. This is called digital signing with PGP.

 

How BlackBerry supports PGP

Myntex only offers PGP on BlackBerry devices. This is because PGP is well supported on BlackBerry devices. By adding PGP encryption to the added security already built into a standard BlackBerry and the BlackBerry Enterprise Server, PGP BlackBerry users are free to send and receive encrypted email between each other and other companies, as long as they implement the same security standards.

 

How Myntex uses PGP

Myntex implements PGP for BlackBerry the way it was designed to be implemented. By enforcing the strict use of the most advanced algorithms available, we ensure our clients’ privacy and security is in a safe environment.

For maximum security, our BlackBerry PGP encryption service utilizes AES 256 bit PGP encryption with a 4096 bit RSA key format.

The servers used for our PGP service are managed on-site by our company, and not outsourced to a foreign location. This permits us to restrict access to our servers, prevent unauthorized access, and mitigate corruption issues that plague off-shore servers.

 

A step-by-step explanation of how PGP BlackBerry encryption works

PGP for BlackBerry uses a modified public key system to encrypt email messages. Every BlackBerry user has a private encryption key known only by them — and not known by Myntex — and a public encryption key that other people need to know in order to communicate with them.

 

The public and private keys work together, as follows:

Sender:

  1. The sender composes an email message and hits send.
  2. The message is compressed.
  3. PGP creates a random, one-time session key that’s used to encrypt the compressed email message on the sender’s encrypted BlackBerry. This session key will also be required to decrypt the message.
  4. The session key is then encrypted using the recipient’s public key, which is specifically tied to the recipient’s encrypted BlackBerry. Decryption can only be done using a private key held by the recipient, on that device.
  5. The encrypted email and encrypted session key are both sent to the recipient.

Recipient:

  1. They receive the email.
  2. PGP automatically decrypts the session key with the recipient’s private key, which only they have.
  3. PGP uses the session key to decrypt the compressed email message.
  4. PGP decompresses the message.
  5. The recipient reads the email on their encrypted BlackBerry.

 

Want to learn more about sending secure email through BlackBerry encryption? Let’s talk.

Posted on

6 Reasons to Become a Myntex Reseller

Starting a new business can be daunting. Myntex resellers avoid dealing with many of the challenges faced by new business owners thanks to our simple setup process, manageable product costs and 24/7 support. There’s no pressure to buy large volumes of inventory or meet sales quotas. You’re in the driver’s seat.

1.      It’s easy to get started

To become a Myntex reseller, you start by filling out an application form. You’ll have the opportunity to purchase a SIM card and BlackBerry directly from us if needed. Next, we send you the necessary software and instructions to set up your BlackBerry device. Before you get started, we’ll also train you on how to use the secure online reseller portal to manage your customers.

At this point, you’re set to go. As soon as you’re ready to start selling, you place a wholesale SIM card and/or BlackBerry order with us. We also offer ongoing sales coaching and feedback as you build your business.

2.      Startup costs are low

To start selling, a BlackBerry, a SIM card and SIM card inventory are all you need. You decide how much inventory you’d like to pre-purchase, which helps you manage your costs. If your business is thriving, you can slowly start placing larger orders. If you want to invest in marketing, you can do that at a pace you’re comfortable with.

3.      You’re in charge

As a Myntex reseller, your customers belong to you. You sell encryption services directly to them under your own brand. As your own boss, you decide when and how often you work. You can decide whether to open a storefront or run your business entirely on the side. You also have the option to hire sub resellers to expand your business.

4.      Managing customers accounts is easy

Our brand new reseller portal makes it easy to manage your customers. You can create customer accounts, change PGP keys, link new SIM cards and wipe lost customer devices all within the intuitive, secure online portal. The portal also enables proactive customer management by automatically showing you when users need to renew their accounts.

For a full rundown of our reseller portal features, check out our latest blog post.

5. Healthy margins mean healthy profits

We offer resellers access to competitive wholesale pricing that translates into healthy profit margins. Whether you sell a dozen encrypted devices, or you end up selling thousands, the revenue you generate makes becoming a reseller a worthwhile opportunity to pursue.

You’re also tapping into a market eager for encryption services and growing fast. As citizens have begun waking up to their right to privacy, they’ve begun seeking out secure ways to communicate.

6. We’re here to support you

Your customers are yours, but we’re here 24/7 to support you as a reseller. In addition to coaching and training, we offer you a free reseller encrypted email address and technical manuals for your customers. We also forward you customer referrals based on your location.

Ready to become a reseller? Sign up here.

Posted on

Easy Customer Management: Introducing Our New Reseller Portal

We’re excited to unveil the new Myntex Reseller Portal. Running your own business can be overwhelming as you learn about PGP encryption and start selling it directly to customers.

We designed the portal specifically to help our resellers manage their businesses better. We focused on streamlining the new user setup process, building business management tools and enabling better customer service. Resellers can now activate new users from start to finish in under five minutes.

Take a tour of the portal’s key features:

Easy and fast customer management
Log into the portal and create a new customer account in seconds. As you create the customer account, your own PGP key is generated with a password only you will know. You’ll be able to activate accounts, wipe accounts, pair SIM cards and order from the eStore.

At any time, you can see a list of your active accounts, wiped accounts and current SIM card inventory. The wallet system lets resellers pre-pay for encryption services and SIM cards, which cuts down on payment hassles.

The portal also enables proactive customer management via renewal tracking by automatically showing you when users need to renew their accounts. You have the ability to create custom renewal messages that will be sent to customers at three different points in time: 14 days before expiration, seven days and three days.

 

It’s easy to manage your client list with all of the important information — customer account status, SIM card number and renewal date — on one screen.

 

Secure and simple to use
Log into the Myntex portal using a private, personalized VPN connection. It protects resellers, customers, and Myntex from hacking or other threats. Your data inside the portal is always secure.

Overall, the portal is simple and easy to use, and has an interface that’s intuitive to navigate. We offer a series of help videos we can share with you, and we’re available to help you at any time.

 

The calendar view in the portal allows resellers to get a big-picture impression of account activity over several months, and anticipate upcoming activations and expirations.

 

Coming soon: Centralized business management
We’re in the process of adding more features to the portal. Starting soon, the portal will give resellers a central place from which to manage and control their business.

Dashboard reporting will allow you to review key customer and sub-reseller analytics. The portal will let you allocate funds to sub-resellers. This mitigates the risk of not receiving payments from sub-resellers because they will pre-pay for services.

The portal will provide resellers with a sub-reseller contact database. This is where you can track contact information, wallet allocations, and reseller customer counts. It’s all in one place for easy reference and day-to-day management.

 

Starting soon, click on the individual reseller management screen in the portal to update contact information, check the wallet balance and flag any issues in the notes section. We want to see you succeed Our goal is to help you grow a successful reseller business. In addition to competitive wholesale pricing, we also offer resellers 24-hour support and one-on-one sales coaching.

 

We’re conducting one-on-one portal training sessions with new resellers to help them get started. Book your spot. 

Posted on

Still Secure: Debunking Myths About BlackBerry PGP

PGP, which stands for Pretty Good Privacy, is a widely used method of protecting and authenticating personal and private communication between two parties. The technology works seamlessly on a BlackBerry device, making BlackBerry PGP encryption one of the most reliable forms of secure email communication in the world.

Unfortunately, many myths about the security and reliability of BlackBerry PGP encryption persist. They tend to pop up any time there’s a high-profile story about police claiming they’ve managed to decrypt the private communication of citizens.

We’re here to bust the three biggest myths about BlackBerry PGP encryption:

Myth: Law enforcement agencies have cracked BlackBerry PGP encryption

In reality, it’s virtually impossible to crack encryption. A task like that would take thousands — perhaps even millions — of years to accomplish. You access encrypted data by bypassing or circumventing encryption, not cracking it.

In this case, for communications to be secure from law enforcement, the BlackBerry in question must be paired to a private BlackBerry Enterprise Server (BES). Essentially, a private BES is a private network, where a portion of the encryption key for the device in question is stored on a private server. The device doesn’t contain the entire key, and neither does the server. Data remains encrypted — you can’t access one without the other.

While we have no way of knowing exactly how law enforcement gains access to devices, they likely do it by obtaining passwords from individuals willing to share them, rather than by circumventing the encryption technology itself.

People, rather than technology, tend to be the weakest link in encryption.

Myth: BlackBerry devices are vulnerable to hacking

By not pairing a BlackBerry device with a private BES, it’s true that law enforcement could theoretically access it by physically removing the chips for the device in question and analyzing them forensically, or by using a debugging connection.

To avoid this, users should simply never use PGP encryption on a BlackBerry that isn’t paired to a private BES infrastructure.

In general, 80% of the devices we use every day are already infected with malware. BlackBerry PGP encryption accessed via a reliable provider isolates the use of the phone to just email. None of the other functions of the phone — web browsing, apps, texting, GPS, video, camera or microphone — are available.

This removes the opportunity for someone to use malware to circumvent the encryption.

Myth: Governments can demand access to BlackBerry PGP providers’ servers

Unfortunately, if these servers are located offshore in a politically unstable country, authorities could demand and gain access to a private data center. This is why you need to choose your service very carefully.

Myntex’s servers are managed on-site in Canada and not outsourced to a foreign location. This means we’re able to restrict access and mitigate the corruption issues that come up in other countries.

Ready to offer BlackBerry PGP to your customers? Get in touch.

Posted on

Why Encryption is the Future of Online Communication

It feels like stories of large-scale hacking and security attacks are everywhere.

The U.S. government has formally accused Russia of launching a cyber attack in a bid to harm Democratic nominee Hillary Clinton’s presidential campaign.

In late 2016, Yahoo announced it was the victim of the biggest hacking incident ever. The attack, which actually happened in 2013, affected roughly one billion user accounts and resulted in the theft of email addresses, phone numbers, dates of birth and passwords. Perhaps the most disturbing part of the whole incident: Yahoo users didn’t find out about the breach until three years after it happened.

Email is notoriously insecure. The uncomfortable truth is that if you use email, someone has probably already accessed your private data simply because anyone savvy enough to intercept a message not protected by an encryption key can read it. Whether you’re sending baby photos to family or sensitive client documents to colleagues, this matters.

Encryption as a privacy solution is not new, but it’s been slow to go mainstream. Plenty of us realize the way we choose to communicate is not secure, but lack the resources or know-how to protect ourselves. But that’s starting to change.

Here’s why encryption is the future of online communication.

 

Encrypted messaging apps have arrived

WhatsApp, one of the most popular web messaging apps in the world, now claims to offer  end-to-end encryption as part of their service. Its one billion users don’t have to opt in; the company says messages are automatically encrypted as long as the app is updated.

Facebook, WhatsApp’s parent company, has also rolled out encrypted communications. But in the case of Facebook Messenger, you need to manually switch over to the Secret messages function.

Clearly, the demand for encryption is growing. Unfortunately, it’s still too good to be true. These companies aren’t living up to their encryption claims. In the case of WhatsApp, the company owns the encryption keys, instead of the user, meaning they could unscramble any message simply by changing the encryption key.

Even worse, WhatsApp is now the target of a lawsuit from a German consumer group that alleges the company shares its private user lists with Facebook.

In general, messaging apps with encryption offer a bit of privacy protection, but because they can’t control the devices people use, everyone is still at risk. It’s far more secure to rely on a trusted email encryption provider.

 

Encrypted email is getting easier to use

The public is finally coming around to the notion that email encryption isn’t all that complex for users. And unlike messaging apps, email encryption on a device such as a BlackBerry is actually secure.

Encryption essentially means scrambling a message sent over the internet so that anyone without a password — called an encryption key — is unable to view it. The email looks like gibberish without the encryption key.

Luckily, email users don’t need to create these encryption keys themselves or be particularly tech savvy. They just need to purchase a reliable service that does it for them. In many cases, this simply means purchasing a phone, SIM card and email encryption service from a reputable provider.

The phone user has two encryption keys: a private one that only they know, and a public one that other people need to communicate with them. Sending encrypted email is much like sending regular email, with the addition of the handful of straightforward steps to enter your encryption passwords.

 

We’re waking up to our right to privacy as citizens

We’re becoming increasingly aware that we’re under constant surveillance, often from government, to track our movements and even censor speech. Troubling new legislation enacted late last year in the UK will give law enforcement and intelligence agencies the authority to “conduct online surveillance, hack into devices deemed relevant to investigations, and make technology companies provide access to data about their users.”

Digital communication also crosses many borders, meaning that even if you’re comfortable with the level of surveillance in your own country, you could become the target of a foreign government’s surveillance or hacking tactics.

Even if you have nothing to hide, you still have a right to digital privacy. Email encryption won’t stop your emails from being intercepted, but it will prevent those intercepted emails from being read.

 

Don’t miss out on the opportunity to meet the growing need for email encryption services. Find out more about becoming a reseller.