The new Proton Mail has passed its independent security audit

Richie Koch

Share this page

At Proton(new window), we believe everyone should be in control of their personal data. A critical component of controlling your data is having the ability to make informed decisions about who you entrust with your data and how it is secured. Most companies rely on security through obscurity and do not share their code, making it impossible for you to accurately assess how secure their service is.

Rather than relying on secrecy to protect our code, we believe in security through transparency, which means we: 

  • Make all our apps open source to leverage the expertise of IT security experts and the Proton community
  • Commission independent security experts to conduct regular audits of our code
  • Share the audit reports with the public

By subjecting our apps to rigorous public examination, we ensure that any potential vulnerabilities are swiftly discovered and resolved. 

We have previously shared the results of the audits for our Proton Mail(new window) and Proton VPN(new window) apps. Now that we have released the new Proton Mail, including Proton Calendar(new window), we would like to share the results of its audit as well.

The new Proton Mail is secure

Like all Proton applications, the new Proton Mail is open source, and anyone can inspect its code for themselves on GitHub(new window)

Prior to their release, the source code of both the new Proton Mail and Proton Calendar underwent an extensive security audit. We are happy to announce the final report was overwhelmingly positive, and the audit uncovered no major issues or security vulnerabilities

Read the audit report for the new Proton Mail

This security audit was carried out by Securitum(new window), a leading European security auditing company. Securitum currently oversees more than 300 security testing projects every year, including for many top European banks.

Security through transparency

Proton Mail was founded by scientists who met at the European Organization for Nuclear Research (CERN), and the scientific principles of peer review and transparency are core values of our team. Just as we would not trust a result without first seeing the underlying data, we do not expect you to trust us without being able to examine our work for yourselves. 

If you have questions or comments about the security audit for the new Proton Mail, please share them with us! Join the conversation on Twitter(new window) and Reddit(new window).

Protect your privacy with Proton
Get a free account

Share this page

Richie Koch

Prior to joining Proton, Richie spent several years working on tech solutions in the developing world. He joined the Proton team to advance the rights of online privacy and freedom.

Related articles

The first month of 2023 has brought brutal layoffs from Big Tech, a potential ban of TikTok in the US, and another Twitter breach. But the biggest development of this new year has to be the ascent of ChatGPT.  The chatbot can produce remarkably huma
Hackers were able to steal account details from over 200 million Twitter users and posted the database on a hacking forum in early January 2023. These details include users’ email addresses and Twitter handles, allowing people to potentially identify
From your online shopping receipts to financial statements, your emails contain a great deal of sensitive information about your life, interests, and daily schedule. If you’re concerned about your online privacy, it’s therefore vital to keep your inb
At Proton, we’re committed to building privacy-focused products that are convenient to use and improve your productivity. Last year, we released the new mobile apps for Proton Calendar and Proton Drive, letting you manage your schedule and upload imp
Most email services aren’t secure and limit attachment file sizes, but there are ways to send large files securely. If you’ve ever tried attaching multiple images or video files to an email, you’ll know that it doesn’t always work. We explain ways t
Email wasn’t initially designed to be secure. From spam and phishing attempts to malware, unethical marketers and cybercriminals try to undermine the security and privacy of your inbox every day. Since your inbox stores plenty of sensitive informatio