ProtonMail is an end-to-end encrypted email service founded in 2014 at the CERN research facility by Andy Yen, Jason Stockman and Wei Sun. ProtonMail uses client-side encryption to protect email contents and user data before they are sent to ProtonMail servers, in contrast to other common email providers such as Gmail and Outlook.com. The service can be accessed through a webmail client, the Tor network or dedicated iOS and Android apps.
ProtonMail is run by Proton Technologies AG, a company based in the Canton of Geneva, and its servers are located at two locations in Switzerland, outside of US and EU jurisdiction. The service received initial funding through a crowdfunding campaign. The default account setup is free and the service is sustained by optional paid services. As of January 2017[update], ProtonMail has over 2 million users. Initially invitation-only, ProtonMail opened up to the public in March 2016.
On 16 May 2014, ProtonMail entered into public beta. Within three days, ProtonMail was met with an overwhelming response and was forced to temporarily suspend beta signups while they worked to expand server capacity.
On 31 July 2014, ProtonMail received US$550,377 from 10,576 donors through a crowdfunding campaign on Indiegogo, while aiming for US$100,000. During the campaign, PayPal froze ProtonMail's PayPal account, thereby preventing the withdrawal of US$251,721 worth of donations. PayPal stated that the account was frozen due to doubts of the legality of encryption, statements that opponents said were unfounded. The restrictions were lifted the following day.
On 13 August 2015, ProtonMail released version 2.0, which was the most significant update in ProtonMail's history and included a new codebase for its web interface and introduced significant performance enhancements. The ProtonMail team simultaneously released the source code for the web interface under an open-source license.
On 17 March 2016, ProtonMail released version 3.0, which saw the official launch of ProtonMail out of beta. With a new interface for the web client, version 3.0 also included the public launch of ProtonMail's iOS and Android beta applications. These applications are built natively for each respective platform maintaining the gestures and actions familiar with each operating system. The mobile apps proved to be a hit with reports of increased efficiency and the ability to leave other email providers such as Gmail due to the usability and feature set found in ProtonMail. After receiving hundreds of thousands of downloads in the first week and thousands of reviews, the ProtonMail mobile apps garnered the highest ranking score in the app and play store.
On 21 November 2017, ProtonMail introduced ProtonMail Contacts, a zero-access encryption contacts manager. ProtonMail Contacts also utilizes digital signatures to verify the integrity of contacts data. 
On 6 December 2017, ProtonMail launched ProtonMail Bridge, an application that provides end-to-end email encryption to any desktop client that supports IMAP and SMTP, such as Microsoft Outlook, Mozilla Thunderbird and Apple Mail for Windows and MacOS.
From 3 to 7 November 2015, ProtonMail was under several DDoS attacks that made the service largely unavailable to users. ProtonMail believed that it was affected by two separate attacks, the first led by a group of hackers known as the Armada Collective and the second by an unknown, more technically advanced group with abilities similar to a state-sponsored group. The first attack was tied to a ransom of 15 Bitcoins (roughly US$16,000) which ProtonMail eventually paid due to pressure from ISPs and other companies affected by the attack. The DDoS attacks, however, did not stop and instead began to take on more sophistication, with rates exceeding 100 Gb/s. The company received an email from the Armada Collective in which they denied responsibility for the ongoing attack. During the attack, the company stated on Twitter that it was looking for a new data centre in Switzerland, saying that "many are afraid due to the magnitude of the attack against us". They have since posted that they "have a comprehensive long term solution which is already being implemented".
ProtonMail uses a combination of public-key cryptography and symmetric encryption protocols to offer end-to-end encryption. When a user creates a ProtonMail account, their browser generates a pair of public and private RSA keys:
This symmetrical encryption happens in the user's web browser using AES-256. Upon the account registration, the user is asked to provide a login password for their account. ProtonMail also offers users to login with two password mode that require a login password and a mailbox password.
Upon logging in, the user has to provide both passwords. This is to access the account and the encrypted mailbox and its private encryption key. The decryption takes place client-side either in a web browser or in one of the apps. The public key and the encrypted private key are both stored on ProtonMail servers. Thus ProtonMail stores decryption keys only in their encrypted form so ProtonMail developers are unable to retrieve user emails nor reset user mailbox passwords. This system absolves ProtonMail from:
ProtonMail exclusively supports HTTPS and uses TLS with ephemeral key exchange to encrypt all Internet traffic between users and ProtonMail servers. Their 4096-bit RSA SSL certificate is signed by QuoVadis Trustlink Schweiz AG and supports Extended Validation, Certificate Transparency, Public Key Pinning, and Strict Transport Security. Protonmail.com holds an "A+" rating from Qualys SSL Labs.
In September 2015, ProtonMail added native support to their web interface and mobile app for Pretty Good Privacy (PGP). This allows a user to export their ProtonMail PGP-encoded public key to others outside of ProtonMail, enabling them to use the key for email encryption. The ProtonMail team plans to support PGP encryption from ProtonMail to outside users.
An email sent from one ProtonMail account to another is automatically encrypted with the public key of the recipient. Once encrypted, only the private key of the recipient can decrypt the email. When the recipient logs in, their mailbox password decrypts their private key and unlocks their inbox.
Emails sent from ProtonMail to non-ProtonMail email addresses may optionally be sent in plain text or with end-to-end encryption. With encryption, the email is encrypted with AES under a user-supplied password. The recipient receives a link to the ProtonMail website on which they can enter the password and read the decrypted email. ProtonMail assumes that the sender and the recipient have exchanged this password through a back channel. Such emails can be set to self-destruct after a period of time.
ProtonMail maintains and owns their server hardware and network in order to avoid trusting a third party. They maintain two redundant data centres in Lausanne and Attinghausen (in the former K7 military bunker under 1,000 meters of granite rock). Since the data centres are located in Switzerland they are legally outside of US and EU jurisdiction. Under Swiss law all surveillance requests from foreign countries must go through a Swiss court and are subject to international treaties. Prospective surveillance targets are notified and can appeal the request in court.
Each datacenter uses load balancing across web, mail, and SQL servers, redundant power supply, hard drives with full disk encryption, and exclusive use of Linux and other open-source software. In December 2014, ProtonMail joined the RIPE NCC in an effort to have more direct control over the surrounding Internet infrastructure.
ProtonMail is offered with multiple plans:
|Plan||Messages Per Day||Folders/Labels||Storage||Aliases||Domains||Price||Support|
|Free||150||3/3||500 MB||1 Address||-||Free||Limited Support|
|Plus||1000||200/200||5 GB||5 Addresses||1||$5 /mo or $48 /yr||Support [c 1]|
|Professional||Unlimited||Unlimited/Unlimited||5 GB||5 Addresses/User||2||$8 /mo or $75 /yr||Priority Support [c 1]|
|Visionary||Unlimited||Unlimited/Unlimited||20 GB||50 Addresses||10||$30.00 /mo or $288.00 /yr||Priority Support [c 1][c 2]|
Setting up Two Factor Authentication in ProtonMail
|Wikimedia Commons has media related to ProtonMail.|