Data Protection Measures

Bersoft Private Mail (BPM) uses two levels of encryption to protect your messages and email settings from unauthorized access:

 

 

  1. All the messages stored in your computer are always encrypted using state of the art AES-256 encryption.
    Different from most email programs, BPM tries to minimize the number of messages kept online. When working with IMAP accounts BPM saves deleted messages in the local  Trash folder, instead keeping them online, the same happens when messages are sent, they are stored in the local Sent folder, not online.

  2. BPM uses a strong encryption system to provide end-to-end email encryption that encrypts and decrypts email directly between clients. Email messages remains encrypted on internal relay mail servers or when it is stored on the cloud (Gmail, Outlook, etc.).  BPM uses RSA asymmetric keys (up to 4096 bits) to protect the messages in transit (like PGP does), but it simplifies to the utmost the management of encrypted messages.

 

BPM is portable. All messages are stored in the Config\Mail folder, inside BPM folder. BPM can backup and restore your settings, and since messages are stored as individual files in the message folders created by the user, copying or backing up them is not difficult.

 

BPM asks for an access password each time it starts. Without such password neither the messages or the program configuration can be accessed. If the password is compromised, it is easy to change it. BMP will automatically encrypt all the messages with the new password.

 

To send / receive encrypted messages, BMP uses RSA asymmetric keys to encrypt the messages. BPM uses its own system to encrypt messages, only BPM can read encrypted messages sent by BMP.

How to send and receive encrypted messages

 

All Bersoft Private Mail data in your drive, including messages, settings, address book  and temporary files will be automatically encrypted.

How to access your secured data

 

All Bersoft Private Mail (BPM) data in your drive, including messages, settings, address book  and temporary files are automatically encrypted using state of the art AES-256 encryption.
Different from most email programs, BPM tries to minimize the number of messages kept online to protect them better. When working with IMAP accounts BPM saves deleted messages in the local  Trash folder, instead keeping them online, the same happens when messages are sent, they are stored in the local Sent folder, not online.

 

When messages are deleted they are wiped out completely by overwriting them with random data before they are deleted. In that way they cannot be recovered in any way..

 

No message saved by BPM can be read (decrypted) without using the correct password (messages can be exported as unencrypted files File->Export selected Messages as Unencrypted Files).

 

When working with messages encrypted with RSA keys, they cannot be read without using your RSA Private key, which in turn, will not be accessible until you enter your main password when you start BPM. Your Private RSA key is stored in encrypted form.

 

Notice that the only thing that is not encrypted are the folder names, because they are normal folders, created inside BPM main folder (although the messages that they store are encrypted). Do not assign the folders any names that you want to keep private.

 

Since BPM is portable, to protect your password when running it in computers that are not trusted, it provides a virtual keyboard to enter the password, to avoid keyloggers from getting it.

 

If somebody tries unsuccessfully to start BPM (trying wrong passwords several times) when you are away from your computer, the next time you start BPM (with the proper password) it will notify you about the intrusion.