If you have a question that’s not answered below, please email us.
What is p≡p?
p≡p stands for "pretty Easy privacy". It allows for straightforward and hassle-free encryption of your written digital communication (e.g., email) by default. p≡p is a cyber security solution which protects the confidentiality and reliability of communications for citizens, for public offices and for enterprises. It provides end-to-end cryptography through software that you install on your desktop, your tablet or your phone.
Why should I use p≡p?
p≡p ensures that no one can intercept or read your digital text-based communication, thereby dramatically reduces the risk of identity theft, fraud and privacy breaches.
What makes p≡p different from other security and privacy solutions?
p≡p is unique and innovative because:
• It is easy to use without any compromise in security or privacy.
• It currently already works for multiple email systems, solutions for a messaging system, including chat and SMS text is in planning.
• We cooperate with GNUnet and run research and development projects to provide an anonymization solution that protects metadata.
• p≡p is Privacy by Default!
When you say p≡p is easy to use, what does that really mean?
After installing p≡p you just continue to write messages as before. p≡p's usage is easy to understand. Everyone can use p≡p, it is not just for power users. There is no "user settings", installation and configuration happen automatized in the background. No user interaction is required for communicating securely, such as sending encrypted emails. If secure communication is not possible (e.g., because the other peer whom you are communicating with does not have any encryption solution installed) emails will anyway be sent (unencrypted), so your communication will never be blocked. Of course you can see in the user interface when a message is about to go out unprotected.
When you say p≡p is privacy by default, what does that really mean?
By default means: p≡p automatically encrypts (and later also anonymizes) your communication, given that your communication partner has any encryption tool installed (no interaction required for key exchange). It encourages you to verify with whom you are communicating and guides you through the required easy handshake step. In a broader sense p≡p is aiming to change the overall situation in digital text-based communications from today being mostly unencrypted, unanonymized and unveriﬁed to a new default of being encrypted, anonymized and veriﬁed. That's why p≡p considers email as only one, but the most important channel, to be protected.
When will p≡p be available?
The new p≡p release (version 1.0.200) encrypts and verifies emails and works for
• Outlook on Windows (including KeyImport)
• Android tablets and phones (including KeyImport)
Later releases will provide key synchronization (p≡p sync).
Reseach and development projects to achieve protection of metadata with an integration of GNUnet in p≡p are conducted by the p≡p Foundation in order to provide the prerequsites for future end-user releases that include anonymization.
Where can I buy p≡p?
We have an online store: https://pep.software/shop/. Enigmail/p≡p (an add-on for Thunderbird) as well as p≡p for Android in the F-Droid store can be downloaded for free. A p≡p for Outlook subscription is available from our online store and the p≡p mobile applications are available from the Apple App Store and from Google Play. For businesses the p≡p mobile applications are also available from Apples Volume Purchase Program and from Google Play for Work. If your business has more than 500 users please contact us here: https://www.pep.security/contact-us/ or here: email@example.com or here: CH +41 445150402; UK +44 2038087152, LUX +352 2021008702, US +1 646 854 5632.
How much does p≡p cost?
p≡p costs less than your yearly budget for envelopes and stamps, yet achieves significantly more for your privacy.
Please consult our p≡p online shop to find out current p≡p for Outlook subscription costs. Please refer to either the App Store or Google Play Store to find out p≡p mobile app pricing. Please contact us if you would like to receive a quote for your p≡p Enterprise Subscription (unlimited devices per user per year): Here: https://www.pep.security/contact/ or here: firstname.lastname@example.org or here: CH +41 445150402; UK +44 2038087152, LUX +352 2021008702, US +1 646 854 5632
p≡p and my Privacy
How can I be sure that p≡p does not have any back doors?
All our code is open source and so anyone can download the source code and check for backdoors or vulnerabilities in the software. In addition, we pay independent security experts to do code reviews of our software. The results of their audits are published and can be reviewed too (cf. https://pep.foundation/docs/code-audits/).
Where can I get access to your source code?
Do p≡p Apps you log my activity?
p≡p does not log your activity on any p≡p infrastructure, indeed since p≡p is device-based and hence peer-to-peer there is no central infrastructure through which we could log your activities even if we wanted to!
Does p≡p prevent governments from seeing my email and messages?
Yes, assuming that you have not given them access to your private key. In order to see your emails a government would have to target you and gain access to your device (e.g., with a warrant getting and/or by hacking the device itself). p≡p users are encouraged to encrypt their devices (like iOS does automatically) to prevent the loss of private key material.
What do you do when you receive a request from a government or a court to hand over mine or another user's keys or emails or messages?
Since p≡p is device-based and peer-to-peer, we have no central infrastructure or servers and so only you have your keys. Therefore solely you can read your communications, not even p≡p can. So we do not have anything we could hand over about you or any of our users. We have not had any such requests so far.
Yes, but would you still tell me when there are requests from a governments or a court to hand over mine or another user's keys or emails or messages?
p≡p security, like all technology companies, may face certain legal restrictions as to how transparent we can be to our users about these requests. We will share as much as legally possible about such requests. It is important to remember though that p≡p does not store anything that we could hand over, neither user keys nor user data. Most importantly, we don't even know with which email address or other types of accounts you configured in p≡p.
Why is anonymizing my emails and messages, and protecting my metadata important?
Please see this short video by Privacy International explaining what metadata is and why we think it is important to protect it: https://privacyinternational.org/video/1621/video-what-metadata
What does p≡p do to protect my metadata?
p≡p not only protects the body of the message (including attachments), but also the subject and other metadata unnecessarily exposed. In the p≡p foundation, our entity that owns and develops the p≡p core code (p≡p engine and the adapters / bindings for different programming languages), we conduct research and development projects together with the GNUnet project https://gnunet.org/ to integrate GNUnet in p≡p and so for the first time realize effective metadata protection. This feature will be part of future releases.
Is it possible to buy p≡p anonymously?
It is possible to buy p≡p anonymized. We will also support anonymous cryptocurrencies. At the moment we handle such payments on a per-customer basis.
How p≡p works (User view)
How do I set up p≡p on my desktop?
When the p≡p software is added to your existing email client (e.g., Outlook for Windows or Thunderbird for Windows/Mac/Linux) it automatically configures itself to work with your existing email accounts. If you subsequently add new accounts, then p≡p will automatically work with them, too. Even though it is discouraged for regular users, of course power users remain free to conﬁgure their installation by themselves and turn off the automation proposed by p≡p.
How do I set up p≡p on my mobile device?
When p≡p is downloaded to your mobile device your existing email and messaging accounts need to be added to the p≡p mobile application for p≡p to work with them. If you subsequently add new accounts, then these will need to be added to the p≡p mobile application for p≡p to work with them. All other elements of the p≡p setup are automatic, although power users remain free to conﬁgure their installation by themselves and turn off the automation proposed by p≡p.
What happens if I am already using a security solution?
p≡p strives to automatically integrate with any existing security solution you have. For example, if you already have OpenPGP keys, then p≡p will just use them for any further communication. If you have S/MIME, for now, p≡p will co-exist with it. This already works in p≡p for Outlook. The mobile versions will soon catch up.
What happens if I am an existing PGP user and I install p≡p?
If you are an existing PGP user, then p≡p will use your existing PGP installation and use it automatically. An exception is the Thunderbird add-on Enigmail/p≡p: for existing users p≡p nees to be force-enabled here. The Enigmail/p≡p mode exists since version 2 of Enigmail.
What happens if my p≡p keys expire?
p≡p will automatically renew your expired key(s). Regular PGP users will then have to import your attached renewed key(s) in order to continue to communicate with you securely. p≡p users automatically get the new key(s) and use them from then on.
When I am using p≡p how does it change how I write and send emails and messages?
When using p≡p you can just send your emails and messages in just the same way as you did before! For its basic operation p≡p does not require any user interaction, p≡p will automatically find the most secure way of communicating for you.
When I am using p≡p how does it change how I read the emails and messages I receive?
When using p≡p you just read your emails and messages in just the same way as you did before! p≡p automatically decrypts the secure emails that are sent to you.
Can I still read the secure emails and messages I send?
p≡p will always store the secure messages you've sent so you can read them later. Just like received messages, sent messages will be stored securely (encrypted) for untrusted accounts and unencrypted if you trust the underlying server (configurable in options). This option is most interesting for organizations which need to comply to legal archiving obligations. In any case, mass interception of emails by unauthorized parties is prevented by p≡p.
How do I know how secure a communication is before I send it, or was when I receive it?
p≡p displays a Privacy Status at the bottom of all outgoing and incoming emails. p≡p uses a trafﬁc lights metaphor, extended by the fallback to gray, to indicate the Privacy Status, along with statements which are directly linked to how secure the available communication channel is or was.
What is the full set of statements used to indicate the Privacy Status?
The full set of Privacy Status’ are:
• Gray/Unknown/Unsecure/Unreliable Security
- Unknown is commonly used for outgoing messages where no contact or address has yet been added to the To, Cc or Bcc fields of an email.
- Unsecure means that p≡p cannot find a way of sending with any form of encryption or has received the communication without any encryption. This basically represents the default situation today in which emails usually must be considered to be as openly readable as a physical post card.
- Unreliable means that p≡p cannot find a way of sending or receiving the communication reliably.
- The communication is encrypted using state-of-the-art technology. However, your communication partner still needs to be trusted by completing a handshake.
• Green/Secure & Trusted:
- The communication is encrypted using state-of-the-art technology and your communication partner is trusted. Trust is confirmed with a onetime handshake where, using a separate channel (e.g., by a phone call) communication partners verify they are who they say they are. Thus, the communication can be fully trusted (This holds as long as the end-devices have not been hacked).
• Red/Mistrusted, Under Attack:
- Mistrusted means that you have previously failed a handshake. You cannot trust that your communication partner is who they say they are.
- Under Attack means that either a man-in-the-middle (MITM) attack has to be assumed or another (serious) cryptographic error occurred. The communication channel must be considered unsecure and any exchanged information must not be considered confidential or private. Still, as p≡p user you can continue to communicate. You just need to be aware that someone might be in between reading your communications.
What happens if p≡p can only send a communication Gray/Unsecure and I still want to send it Yellow/Secure?
If this is the first time that you have communicated with the recipient, then it may be possible that p≡p sends an encrypted communication but only after your first communication has taken place (so-called Trust On First Use or TOFU). In this case and for email there is a need to first send a non-sensitive communication (e.g., a blank email) to the recipient and see if the Privacy Status of the reply comes back encrypted by default.
Tell me more about the p≡p Reader for Outlook?
The p≡p Reader for Outlook allows the recipient to read an incoming encrypted email but not reply to them. In order to send (and hence reply) to an encrypted email a full p≡p for Outlook subscription is required.
How do I verify a communication and advance the Privacy Status from Yellow/Secure to Green/Secure & Trusted?
p≡p guides you through the verification with detailed descriptions displayed to you. To establish a Green/Secure & Trusted communication channel you need to first do a Handshake through a separate channel (e. g., in a phone call). This is to verify your peer's identity, which is done by the metaphorical “Handshake” initiated by selecting the Yellow/Secure Privacy Status icon on the email.
What does the “Handshake” involve?
p≡p guides you through the verification with detailed descriptions displayed to you. If the other person is also a p≡p user, then your handshake is very straightforward: both of you can simply compare your p≡p Trustwords which p≡p prompts you with. If the Trustwords, displayed on both devices, match (compared in a separate channel such as a phone call) then both users confirm this in the dialogue box and the Privacy Status will switch to Green/Secure & Trusted for all future communication with that user. If the other user does not have p≡p, then you each have to read out and compare your and the partners PGP fingerprints (a 40-digit sequence; the hexadecimal number system contains letters and symbols), which p≡p also prompts you with.
What are p≡p Trustwords?
Trustwords are used to achieve easy contact verification. In p≡p they replace the fingerprints known from PGP. To ensure that there is no man-in-the-middle (MITM) attack on the communication channel, Trustwords need to be compared between two communication partners in a Handshake. Trustwords are common words in a natural language (e.g., English), for example, CAR HORSE BATTERY STAPLE APPLE. After comparing Trustwords between two communication partners, the communication between to partners is not only secure (encrypted), but also trusted (no man-in-the-middle attack).
What happens if p≡p can send an email or a message Yellow/Encrypted or Green/Secure & Trusted but I actually want to send it unencrypted?
With p≡p you always have the option to send an email or a message unencrypted regardless of the Privacy Status. This is done by selecting the Disable Protection option at the header of the email.
Does p≡p ever stop me from sending an email?
No, p≡p will always let you send an email, regardless of the Privacy Status, even if it is Red/Under Attack.
What Privacy Status is shown if I am sending an email to multiple people?
The Privacy Status will always reflect the least secure communication across all of the intended recipients.
How do I know the actual Privacy Status for each recipient?
You can see the Privacy Status of individual recipients by selecting the Privacy Status box. This pop-up window also allows you to manage the Privacy Status of individual recipients, e.g., you can stop trusting a recipient who is Green/Secure & Trusted or initiate a Handshake with a recipient who is Yellow/Secure etc.
Can I now send secure and private communications from my other devices?
You need p≡p on each of your devices or have to import key material to your other (compatible) clients in order to send secure and private communication. However, stay aware that other encryption solutions might not show you any meaningful status of how trustworthy your communication is.
Can I receive secure and private communication on my other devices?
While you can receive secure email and messages on devices without p≡p on them you might not be able to read them. You need p≡p (or a solution compatible to it) on each device you use to access encrypted messages.
Are there any complexities with having p≡p on more than one of my devices?
p≡p is designed to work across all of your devices and it does this by automatically detecting any other devices associated with your email or messaging accounts which is also running p≡p. So far, you will have to manually import your keys. Yet, we are working on a solution (p≡p sync), that will then detect and synchronize devices and keys automatically.
How does p≡p store your secure emails?
By default, p≡p stores your emails encrypted, but it gives you the option to store them also unencrypted (so-called Trusted Server option). If you trust your email provider and their servers, then you can store your emails unencrypted. If you do not trust your email provider or their servers, then you are advised to have p≡p store your emails encrypted.
Where can I get support?
Visit https://pep.community/ or email us at email@example.com.
How p≡p works (Technical view)
What does p≡p do and how?
p≡p encrypts your emails and it does this automatically and by default. p≡p also allows you to easily verify your communications. p≡p is end-to-end and peer to peer, there is no central infrastructure and no way for anyone, not even p≡p, to read your communication.
• encrypts the subject of the communication by moving it into the inner message of the email (email body)
• encrypts the entire header content so that only the envelope remains unencrypted.
• removes the opportunity for an attacker to change the header on an encrypted and signed email, and all the attack vectors which rely on that.
• removes the opportunity for an attacker to monitor the PGP public key server to learn about all the keys the user downloads.
Please consult our White Paper for further information about p≡p's architecture and cryptographic strategy https://pep.foundation/docs/pEp_160718--white-paper_v1.0.5.pdf.
What advantages are associated with p≡p’s Key Management model?
The advantages of p≡p’s Key Management model are:
• Since it is peer-to-peer there is no dependency on a central key store or Certificate Authorities CA, thereby reducing the number of centralized attack vectors considerably. In the case of central key stores p≡p does support OpenPGP key servers. But this is purely for compatibility reasons and the default is for it to be turned off. Similarly for compatibility reasons p≡p does support CAs but in the case of public CAs it will flag the Privacy Status of such communications as Gray/Unreliable since if one single public CA is not trustworthy then the whole system breaks down.
• TOFU provides a wrong sense of trust. With p≡p all you have to do is verify the p≡p Trustwords and then you know, with good reason, to trust. Trusting by default is not good in any case.
• Since it is no true certificate pinning p≡p avoids the false sense of security that alerts will stop an attack. Since alerts associated with a change in trust are often false positives users tend to ignore them and would do similar in the case of a real attack.
How does p≡p select the most secure way of sending an email or a message?
When a p≡p user is communicating with another p≡p user:
1. if online communication available: OTR through GNUnet.
2. if online communication not available:
a. if anonymizing platform available, OpenPGP through anonymizing platform (i.e. Qabel),
b. if anonymizing platform not available, fallback to OpenPGP.
When a p≡p user is communicating with a non-p≡p user then depending on the capabilities of the non-p≡p user:
1. if anonymizing and forward secrecy is possible, use that (i.e. OTR over GNUnet).
2. if anonymizing but no forward secrecy is possible, use that (i.e. OpenPGP over Qabel).
3. if forward secrecy is possible, use that (i.e. OTR).
4. if hard cryptography but no forward secrecy is possible, use that (i.e. OpenPGP)
5. if only weak cryptography is possible, use that (i.e. S/MIME with commercial CAs)
6. send unencrypted.
How should I think about p≡p’s Trust Management model?
p≡p’s Trust Management model is new and innovative and it uniquely matches privacy with empowerment.
What is p≡p’s Trust Management model?
p≡p manages the Trust between the actual p≡p user and their key, so the p≡p User ID is associated with the actual human and the Trust Model is that this actual human being is actually using this key. So p≡p’s Trust Management model is very different from OpenPGP (where the User ID is associated with an email ID) and the p≡p user can use the same key on all of their channels as p≡p (rightly) just thinks of their accounts as different ways that this same human being appears on the internet.
There are a number of additional benefits associated with p≡p Trust Management model:
• Once trust is validate on one channel then it is validated on all channels.
• If p≡p receives a new key from a user it trusts and on a trustworthy channel, then p≡p can move that trust to this new key. This benefit will become even more important when p≡p supports annonymization over OTR (and hence forward secrecy) as new keys can then be distribute and even if you get the old key later on you cannot decrypt the old message. In this case p≡p’s Trust Management model is adapting to perfect forward secrecy and OpenPGP has no solution for this.
How are the p≡p Trustwords generated and is comparing them as reliable as comparing PGP Fingerprints?
The p≡p Trustwords, like a PGP Fingerprint, are generated from the keys p≡p is using (which are at least 2048-bit RSA keys). The p≡p Trustwords are guaranteed to have at least 64 bits of entropy associated with them when being exposed to both peers. While this is less than the 160 bits associated with a PGP Fingerprint, users can compare p≡p Trustwords more easily and faster. So in practice we believe that comparing p≡p Trustwords is in fact more reliable than comparing PGP Fingerprints.
p≡p for Outlook
Which Versions of Outlook does p≡p support?
p≡p for Outlook works with Outlook 2010, Outlook 2013 and Outlook 2016 releases for Windows, in their 32-bit and the 64-bit versions.
Where can I buy p≡p for Outlook?
p≡p for Outlook is available from our online store https://pep.software/shop/. The first releases encrypt and verify emails. Follow-on releases will include anonymization and messaging
How many PC's does my p≡p for Outlook subscription cover?
A p≡p for Outlook subscription is required for each of your PC’s.
Why is p≡p for Outlook only available as a subscription?
The only way that p≡p can continue to protect your communication is always keeping the software up to date, which can only be ensured with professional support.
How do I get updates to p≡p for Outlook?
If you have a valid subscription, then you will be informed when updates of p≡p for Outlook are available. Once accepted the update will self-install on your PC.
Will p≡p for Outlook still work if my subscription expires?
You will be able to read all incoming emails and messages and see their Privacy Status. You will only be able to send emails and messages Gray/Unsecure, regardless of the Privacy Status, until you renew your subscription.
How do I renew my p≡p for Outlook Subscription?
You will be notified by the p≡p online shop via email 15 days prior to the end of the term of your subscription.
Do I need to back up the security keys p≡p has allocated and is managing for me?
It is suggested to import your private key on all available devices. Further, in p≡p for Outlook you can create a backup of your keys (see https://www.pep.security/docs/outlook.html for details).
What happens if I need to re-install p≡p for Outlook on my PC?
You can revisit and login to our online store and go to "Order History", click on view and then click "Download". If you bought p≡p for Outlook using anonymous payment, then please contact us by email at firstname.lastname@example.org.
What happens when I re-install p≡p for Outlook on my PC?
If you have more than one device, you can import the required key material by starting the Key Import process. You find more details in the documentation: https://www.pep.security/docs/outlook.html.
What support do you offer for the p≡p for Outlook?
All support for p≡p for Outlook is linked to a valid subscription and is given e.g., via e-mail to email@example.com. You can also visit our community forum: https://pep.community/.
What is the easiest way for me to send you details about any issues I am having with p≡p for Outlook?
If there is a serious issue with p≡p for Outlook, then a pop-up window will give you the option to send us the crash log via an automatic email. Important to note is that there is no exchange of your private key associated with this process. You can also send us a screenshot of an issue via email to firstname.lastname@example.org.
p≡p for Thunderbird
Can I still use Enigmail/p≡p?
Enigmail/p≡p is an operation mode of Enigmail that integrated some early p≡p functionality into the Enigmail add-on for Thunderbird. Enigmail is being discontinued and is no longer available for the newer versions of Thunderbird, starting with version 78 of Thunderbird.
In addition, Enigmail/p≡p is no longer compatible with the new p≡p functionalities like sync, that are part of the p≡p Security products in versions 1.1. and above. It is not recommended to use Enigmail/p≡p together with newer p≡p clients.
I’m still using Enigmail/p≡p. How can I migrate to p≡p for Thunderbird?
If you use the Enigmail/p≡p Junior Mode: the p≡p for Thunderbird download page will automatically be opened after the upgrade to Thunderbird 78 or above.
A migration to the new p≡p for Thunderbird will also be triggered at some point in the future for users remaining on Thunderbird 68.x.x with the Enigmail/p≡p Junior Mode activated.
You can find the download here: https://www.pep.software/thunderbird/
Which versions of Thunderbird are supported?
p≡p for Thunderbird currently supports Thunderbird versions 68.x.x and 78.x.x.
How much will p≡p for Thunderbird cost?
As Thunderbird is a non-commercial community software available at no cost, p≡p for Thunderbird add-on will be free of charge as well. In addition, and as with all p≡p software, the source code is available as Free Software. In order to keep it this way, please consider contributing to these efforts below. Help us develop free and open source tools with a donation: https://www.pep.security/donate/
How do I get support for p≡p for Thunderbird add-ons?
- Your question might be covered by our user manual which can be found at https://www.pep.security/docs/thunderbird
- If you can’t find an answer, let us know on pep.community.
- If you want to file a bug, please refer to our public bug tracker.
- Don’t hesitate to contact us via e-mail at email@example.com if you still have trouble.
When will the p≡p mobile applications be available?
The p≡p for Android mobile application is available in the Google Play Store and on F-Droid. p≡p for iOS is available in the Apple App Store. These first releases will encrypt and verify email. Follow-on releases will include anonymization and messaging.
Which Versions of the operating systems do the p≡p mobile applications support?
p≡p for iOS requires iOS 11.0 or later and p≡p for Android works with Android 5.0 and later.
Where can I buy the p≡p mobile applications?
p≡p for iOS and p≡p for Android are available from the Apple App Store and from Google Play Store. For enterprises please contact us here: https://www.pep.security/contact/ or here: firstname.lastname@example.org or here: CH +41 445150402; UK +44 2038087152, LUX +352 2021008702, US +1 646 854 5632
What happens when I install one of the p≡p mobile applications but have no email or messaging accounts configured?
You need to have email and messaging accounts configured on your device for the p≡p mobile applications to work. Until now, p≡p only supports email.
How do I get updates to the p≡p mobile applications?
You will be notified by the app store you got your p≡p mobile applications from when there are updates and you can simply download the p≡p update.
What support do you offer for the p≡p mobile applications?
Support is given via email at email@example.com
Or you can also visit https://pep.community/
p≡p for Enterprises
Why should I encrypt my company's email when I am using Transport Level Security (TLS) already?
TLS is designed to secure the transport of one hop of an email's journey, and you have no guarantee that all of the hops an email makes on its journey are going to be secured by TLS. Even if TLS protects every hop, the email still exists unencrypted on all the computers making up all the hops. So the only way to really protect your company's email is to use end-to-end encryption such as p≡p.
Why is p≡p an important cyber security solution for my company?
p≡p offers a step change in the protection of your company’s internal and external digital text-based communications. That said, p≡p is designed to be compatible with your existing protection solutions and is non-intrusive to the policies, procedures and practices which have built up around them.
Will p≡p help reduce Phishing, Spear Phishing and Whaling?
Given the situation that all internal email communication has been verified (signalled by Green/Secure & Trusted Status), then you can rely on it and if an internal email has the Privacy Status of anything below Green/Secure, then your users will recognize it immediately. In this sense p≡p dramatically reduces the risks associated with Phishing, Spear Phishing and Whaling.
Does p≡p support Distribution Lists?
p≡p fully supports Distribution Lists, be they centrally created by IT or created by your end-users.
What is the best way to purchase the p≡p products for my company?
The best way to buy the p≡p products for companies of less than 500 users is:
• p≡p for Outlook Subscription, available from here https://pep.software.
• p≡p for iOS, available on Apple's Volume Purchase Program.
• p≡p for Android, available from Google Play for Work.
If your company has 500 users or more then the best way to buy all of the p≡p products is via the p≡p Enterprise Subscription which is available from here: firstname.lastname@example.org or here: https://www.pep.security/contact/
What is the p≡p Enterprise Subscription and how much does it cost?
The p≡p Enterprise Subscription is user based and covers all of that user's devices (unlimited). It is designed for companies with 500 users and above and it comes with additional phone based support. Please contact us if you would like to receive a quote for your p≡p Enterprise Subscription here: https://www.pep.security/contact/ or here: email@example.com or here: CH +41 445150402; UK +44 2038087152, LUX +352 2021008702, US +1 646 854 5632
How do I get updates to the p≡p software?
You have the option to self-host a p≡p update server within your firewall or allow your users to update their own p≡p software through our public update services. Further you can also use a software distribution product like Microsoft SCCM.
Can I set configuration options before I deploy p≡p for Outlook to my users?
All configuration options are just registry keys and these are set as part of the deployment of p≡p for Outlook by either using a registry patch or an ADM template.
Why would I want to push Keys to certain user groups and how would I do it?
You may want to push all of the keys to all members of a given user group so that all of the emails between the members of that user group automatically send and receive Yellow/Secure email. The keys can be pushed by attaching them as a key file to an email which is sent to the group and their p≡p will automatically import the keys.
Why would I want to push Trust to certain user groups and how would I do it?
You may want to push Trust to all members of a given user group to avoid the need for them to carry out a “Handshake” in order to verify each member of the group and send Green/Secure emails. The Trust can be pushed either during deployment or after deployment. This is done by writing to the system database using SQL scripts which are handled by p≡p automatically.
Why would I want to issue an Extra Key and how would I do it?
YWith extra keys an organization can ensure that all messages can be read with a company key. This can be useful in case a key of a user is not available anymore. Another example where an Extra key might be helpful is when a DLP solution shall be able to decrypt messages. When an Extra Key is defined in p≡p, all outgoing messages are additionally encrypted with the defined extra keys. All incoming messages are re-encrypted with the defined extra keys.
Can p≡p do Key Escrow?
No, p≡p does not support Key Escrow in its first release but it will work with any existing Key Escrow server. If you are interested in this feature then please contact us via firstname.lastname@example.org.
The following set of questions describe p≡p's general compatibility with software/security solutions your enterprise might already have in place. To discuss the specific implementation in your company, we suggest to talk to our consultants. Please do not hesitate to consult us at email@example.com for concrete cases.
Will p≡p work with my existing AES solution?
Yes, since if p≡p finds that a message which is not in a standard format, as in the case of AES, it will just let it pass and not interfere and so you can drive the two systems in parallel.
Will p≡p work with my existing X509/RSA solution?
Yes, since if p≡p finds that a message which is not in a standard format, as in the case of the proprietary RSA asymmetric encryption, it will just let it pass and not interfere and so you can drive the two systems in parallel.
Will p≡p work with my existing S/MIME solution?
If you have a pre-configured S/MIME solution in place it will work seamlessly and as you know it with p≡p. p≡p will not change your S/MIME messages.
Will p≡p work with my existing Office 365 Message Encryption solution?
Yes, p≡p will work with your existing Office 365 Message Encryption solution in one of two ways: Either Office 365 will encrypt the email and p≡p will not recognize the file type and so it will ignore it and let and leave it be transported as usual, or p≡p will encrypt the message itself and work on top of Office 365 Message Encryption.
Will p≡p work with my existing SPAM solution?
No, p≡p will not work with your existing SPAM solution. However, SPAM is dependent on unencrypted email and so SPAM mails come unencrypted not encrypted.
Will p≡p work with my existing Email Archiving solution?
Yes, p≡p will work with your existing Email Archiving solution. There are two main cases:
1. If your company’s email archiving solution duplicates every email when it arrives on the local MTA (e.g., Exchange) you would still be able to read these emails later, even when they have been encrypted.
2. If Exchange is not the MTA, and say there is a boarder MTA in front of Exchange e.g., A DM Set, then this server is untrusted and so the message needs to be encrypted with two keys (the users key and the second company key), the original email is deleted from the untrusted mail server and the newly re-encrypted email is stored instead. In this case you have access to all emails with the company key. So yes, p≡p will work with your existing Email Archive solution and decide for the case where the message can be stored encrypted.
Will p≡p work with my existing Hold and Litigation Hold solution?
Yes, p≡p will work with your existing Hold and Litigation Hold solution assuming that the emails are not stored encrypted.
Will p≡p work with my existing eDiscovery solution?
Yes, p≡p will work with your existing eDiscovery solution assuming that the emails are not stored encrypted.
Will p≡p work with my existing Inactive Mailbox solution?
Yes, p≡p will work with your existing Inactive Mailbox solution.
Will p≡p work with my existing Email Data Loss Protection (DLP) solution?
There are three scenarios for how p≡p can work with your existing DLP solution:
1. You could take the business decision that an encrypted email is safe and so there is no need for DLP and it is OK for the DLP solution not to be able to read encrypted emails.
2. You could issue a company key for the DLP box to enable it to check encrypted mails. This would be beyond where most companies are today as this is not a feature of any S/MIME implementation.
3. We do have the option to implement DLP in p≡p by delivering an MTA that decrypts the message and send an unencrypted copy to the DLP and if the DLP lets it through then in this case we would let the encrypted email through, too. If this scenario is important to you then please contact us via firstname.lastname@example.org.
Will p≡p work with my existing Auditing solution?
Yes, p≡p will work with your existing Auditing solution assuming that the emails are not stored encrypted.
Will p≡p work with my existing Messaging Records Management (MRM) solution?
Yes, p≡p will work with your existing MRM solution assuming that the emails are not stored encrypted.
Will p≡p work with my existing Information Rights Management (IRM) solution?
Yes, p≡p will work with your existing IRM solution and indeed p≡p will not recognize the file type and so it will ignore it and let and leave its Rights Management properties in place
Will p≡p work with my existing Journaling solution?
Yes, p≡p will work with your existing Journaling solution assuming that the emails are not stored encrypted.
p≡p Software (Technical Details)
How is the p≡p software architected?
There is a p≡p engine at the core (same for all platforms) and there are adapters in the layer above the engine used to build p≡p plugins and p≡p apps. For example, there is a native app for iOS that accesses the engine via the Objective-C/Swift adapter.
More information about p≡p's functionalities and general architecture can be found here https://pep.foundation/docs/pEp-whitepaper.pdf.
To learn more about the actual code please refer to https://pep.foundation/pep-software/.
What is the p≡p Engine?
The p≡p engine is Free Software that is available under the GPL 3.0 license and today runs on Android, iOS, Linux, macOS and Windows. The p≡p engine includes encryption services (including compatibality to OpenPGP, automated key management services, etc). The p≡p engine can also be distributed under other licenses; commercially, we pursue an Open Source and multi-licensing strategy.
What Adapters are there?
How can I find out more about the potential of using p≡p as part of my Software Solution?
We would welcome your enquiry.
The p≡p Company
Who is pretty Easy privacy?
pretty Easy privacy (abbreviated as p≡p) is a leading provider of cybersecurity solutions which protect the confidentiality and reliability of digital communications for citizens, for public offices and for enterprises.
What is the motivation of p≡p?
Ultimately, p≡p wants to change the default of online text-based communications from unencrypted, unveriﬁed and unanonymized to encrypted, veriﬁed and anonymized.
What is the basic idea behind p≡p?
If text-based communications is assumed to be encrypted, veriﬁable and anonymized by default, then we can build software to do this which is pretty easy, in fact very easy to use. p≡p, contrary to existing cryptographic solutions, is easy to install, use and understand, allowing all users, not just power users, to use end-to-end cryptography.
How long have you been working on p≡p?
The idea for p≡p came to us in the summer of 2012.
What have the major milestones been for p≡p since then?
The major milestones for p≡p since inception have been:
First p≡p algorithms were developed
First version of the p≡p Engine was running
p≡p for Outlook was piloted in some large Enterprises
p≡p Company was formed
p≡p for Outlook Preview was made available
Crowdfunding raised $50,000
Development started on p≡p for iOS and p≡p for Android
First round of funding raised €3,000,000
Fall of 2015
Development Team and Support Team were both expanded
p≡p Foundation established
Financial support from the Luxemburg Government granted
p≡p for Outlook and p≡p for Android launched
Enigmail with p≡p launched
p≡p for Android with Material Design launched
p≡p coop established
p≡p for iOS launched
Who is behind p≡p?
The four co-founders of p≡p are:
- Leon Schumacher (CEO), ex-CIO of two Fortune 100 companies
- Volker Birk (CTO), Software Architect and Security Expert
- Simon Witts (Sales), ex head of Enterprise Sales for Microsoft
- Sandro Köchli (Service), entrepreneur in Open Source market
Why is the company offering Commercial Software and Free Software products
p≡p is active in both the Commercial Software and the Free Software markets to ensure that as many people and organizations as possible can benefit from the improvements p≡p provides for your privacy.
Why did you also start the p≡p Foundation?
The p≡p foundation https://pep.foundation/ has a separate charter to advocate for Privacy, Freedom of Information and Freedom of Speech with a community-focus. It is also responsible for developing and distributing the core p≡p technology under the GNU GPL Version 3 License and holding the p≡p trademarks. The foundation also provides the basis for integrating GNUnet in p≡p in order to roll out metadata protection.
Why is p≡p headquartered in Luxemburg and Switzerland?
Luxemburg and Switzerland are neutral countries which provide a good basis for independent software development. Furtherly, the founders live in and/or are citzens of those countries.