Efail: IncaMail remains secure

On 14 May 2018, it was announced that a research team had managed to expose end-to-end e-mail encryption using the S/MIME and PGP procedures. The incident was reported on the Internet under the name Efail. IncaMail, Swiss Post’s secure e-mail service, encrypts and decrypts e-mails using the patented SAFE procedure and is therefore not affected by the security loopholes that have been detected.

No change of mail client

IncaMail can still be used in all mail clients and secure mail gateways without any worries, even if they are deemed unsecure following Efail. An update or change of client is not necessary with IncaMail. All messages are secure, irrespective of whether they are old, new, or have already been sent. In the interim, IncaMail has also installed a hotfix, which implements suggestions for heightened security from the research team.

However, recipients can easily recognize scam attempts made on IncaMail messages, even if they are futile: the e-mail signature is not valid or does not originate from Swiss Post.

If you have any queries about Efail, please contact our helpdesk:

Switzerland and international (apart from Germany): tel.: +41 848 000 414 (CHF 0.08/min. from a Swiss landline), support@incamail.ch

Germany: tel.: 0951 6029 79 98 (local rate), support@incamail.de