SUPPORT

HELP & FAQ

WELCOME

GETTING STARTED

SECURITY & PRIVACY

YOUR PERSONAL DATA

ACCOUNT MANAGEMENT

LEGAL

What is AperiMail?

AperiMail offers you a secure alternative to other email platforms and services (such as Outlook or Gmail, etc.) by providing you with a secure way to communicate without compromising your privacy. AperiMail is a messaging solution, and soon an app, designed for anyone who needs a truly safe, easy and resilient way to communicate. In the future, AperiMail won’t rely on a central server – messages will be synchronized directly between the users’ devices using the most advanced technologies available, but for now, we’ve beefed up traditional email to offer you the best way to safe with your private communications.

What makes AperiMail different from other providers?

We will not compromise on our customers privacy or security and we are starting a journey to help our customers take back control of their data.

We aim to provide the best protection and ease of use possible. Not everybody is an IT security expert; you need to be able to use a messaging solution safely and in confidence, away from false privacy promises. Our services are all set at the highest privacy and anonymity is standard with no need to understand complex encryption concepts. You know you are automatically set for maximum privacy and security.

One such example of our high security standards can be seen in our current email offering whereby TLS 1.3 is default. When our upcoming apps are release, the same approach will be taken and all will be set at the highest level of protection as a standard.

We are on a journey to build a complete P2P solution set via our own desktop and mobile apps that will bring best in class services, privacy and anonymity. We look forward to having you with us on the journey to experience the next level of privacy and security!

Who are we?

We are a team of passionate developers and technology experts with a shared vision for people’s right to have access to digital privacy and anonymity.

As a group, we have extensive experience in security and digital security and a shared passion for the right to safety and privacy.

We have been talking to various groups over the years and through this, have concluded that there is clearly a great mismatch between the solutions available and the needs of those that rely on them.

We decided to join forces and build AperiMail. All these conversations have helped us design our final strategy and technology roadmap:

  • First developments started early 2020 but the core designs come from research and development many years prior
  • Beta solution launched in Summer 2020
  • First investor joined October 2020
  • New investors joined Late 2020
  • Our first solution went on sale February 2021
  • Team expansion through recruitment taking place Early 2021
  • Planned launch of dedicated apps Late 2021
  • Full P2P and E2E solutions expected in 2022

AperiMail takes your right for privacy and anonymity very seriously so long as your usage doesn’t hurt anyone, or contradict the law, basic decency or human rights.

Setting up your email client

There are numerous email clients on the market at the moment; it would be challenging to demonstrate how to set-up each one individually. The email client applications that we recommend should automatically populate the server configuration details once you have entered your display name, email address and password during the set-up process, however if for some reason it doesn’t, the manual details are below.

It’s very important that you use the most up-to-date version of your email client and that it uses the latest version of the transport security layer (TLSv1.3). This is by design for security reasons.

We only support the secure versions of IMAP, POP3 and IMAP, the insecure versions are disabled.

IMAP Settings

  • Account Name: Your new email address
  • Server Name: mail.aperimail.com
  • Port: 993
  • Connection Security: SSL/TLS
  • Authentication Method: Encrypted Password

POP3 Settings

  • Account Name: Your new email address
  • Server Name: mail.aperimail.com
  • Port: 995
  • Connection Security: SSL/TLS
  • Authentication Method: Encrypted Password

SMTP Settings

  • Account Name: Your new email address
  • Server Name: mail.aperimail.com
  • Port: 587
  • Connection Security: STARTTLS
  • Authentication Method: Encrypted Password
Which email clients can I use?

AperiMail takes your privacy seriously and we will not compromise on security to enable our email solution to work with all email clients. We recommend making sure that the email client that you are going to use will work with the latest transport security layer (TLS). As of November 2020, TLS is at version 1.3. The email client application should also be able to work with Pretty Good Privacy (PGP), the software program that enables the encryption of email content and attachments.

Our support team is testing the email clients currently on the market, and the table below shows our current recommendations. We will add more clients to the table once we have completed a review of compatibility.

 

Client Version Platform Website
Thunderbird 78+ Windows, Mac, Linux Get
Evolution 12.1+ Linux Details
Fair Email 1.14.25+ Android Get
iOS/macOS Mail iOS 14+, macOS 11+ iOS, Mac

 

Does AperiMail have an email client?

Soon. We are developing our own email client that will work across all main operating system platforms provided by Apple, Google, Microsoft and various Linux distributions. We aim to provide both mobile and desktop apps to enable a seamless experience. Our application will be based on the next-generation web technologies, developed with privacy and security in mind.

Do you have webmail?

For security and privacy reasons, we have decided not to provide a webmail portal. Currently the development libraries used to make an SMTP connection to the email services do not provide support for TLSv1.3. We may review this in the future once support is available and if there is enough demand.

Do you use two-factor authentication?

Our customer portal uses two-factor authentication to provide added security. Customers are required to setup this added protection when registering a new account.

What is Pretty Good Privacy (PGP)?

PGP is a method which allows the encryption of email content and attachments. Most modern email solutions use PGP to achieve end-to-end encryption. The process involves individuals creating public/private keys and sharing their public key with the people they want to communicate securely with. For example, if Bill wants to send Jane a secure email, he will need to have Jane’s public key. He will write his email as normal and then use Janes’ public key to encrypt the message. When Jane receives the encrypted message, her email client application will use her private key to decrypt the message. Jane is the only person to be able to read the message unless her private key is exposed.

Setting up PGP

There are many tools for setting up PGP keys. Thunderbird enables you to create keys with relative ease – check out the video below which shows you how to do this:

For the tech savvy and people used to using the terminal on macOS or Linux, below is a video which shows you how to use GNU Privacy Guard (GPG). Visit GPG for detailed documentation and details of front-end applications which support GnuPG.

What is end-to-end encryption (E2EE)?

It means messages are encrypted while in transit, never decrypted, and only readable by you.

E2EE ensures privacy
Messages are undecryptable by anyone other than the recipient. Access and service providers are themselves incapable of decoding the conversations and documents that are exchanged.

E2EE ensures integrity
If you receive a successfully decrypted message, you can be sure it’s the same message that was sent to you and that it wasn’t somehow tampered with in transit. End-to-end encryption is when data is encrypted whilst in transit and at rest. We refer to ‘transit’ as meaning when data is being sent across a network such as the Internet or a local area network. ‘At rest’ refers to when data is stored on a server storage device, a network database or on a user’s mobile or desktop device.

What is zero-access encryption (at rest)?

It means where data is resting it is always encrypted and nobody but you can read its content.

What is the difference between end-to-end encryption and zero-access encryption?

When someone sends you a non-encrypted message, the email content is vulnerable to interception. When you send an encrypted email, the risk of interception is eliminated – only you and the receiver can read the message.

If somehow our servers were to be breached, both zero-access encryption and end-to-end encryption would ensure email content is always encrypted and only accessible by you. This is important for complying with data protection laws such as the GDPR and this is what our customers are expecting from a provider like us.

Does AperiMail encrypt subject lines?

Right now, subject lines are not encrypted as the OpenPGP protocol we use requires they be readable and searchable. This isn’t ideal, and we already plan to address it.

When our next generation apps launch, every piece of information attached to your message will be encrypted, including subject lines.

We recommend using generic subject lines in the subject field and putting any sensitive content in the message body.

Do I need to be mindful of how secure my device is?

Yes, always. Our servers can’t read your messages, but it is aware of the fact you exchanged messages on a certain day and at a certain time. In some cases, merely communicating with particular people may draw unwanted attention.

Secondly, if someone gains access to the device you use to communicate, or the one your recipient(s) use, they will be able to read the messages, as well as write and send messages on your behalf. Protecting the integrity of end-to-end encryption requires the protection of devices and application access — even if only with a PIN code — so that if the device is lost or stolen, your correspondence, along with the ability to impersonate you, does not fall into the wrong hands.

We strongly recommend to use a good VPN (not all VPNs offer good protection and some will track you so research these thoroughly).

What is TLS?

Transport Layer Security (TLS) is a protocol that enables communication across networks such as the Internet so that data is transmitted in a secure and private way.

What version of TLS does AperiMail use?

AperiMail’s policy is to use the latest version of the Transport Layer Service as a standard which is currently 1.3. There are many improved enhancements over previous versions, better speed, security and reliability. Encryption latency has been reduced by half over version 1.2. Obsolete and insecure features found in older versions of TLS have been removed.

We aim to put privacy and security above at the forefront of what we do. Only when your email client fails to connect with TLS 1.3 will a TLS 1.2 connection establish, however this will use recommended high ciphers. 

Do you use cookies on your websites?

We only use basic session cookies which are required for functionality – these cookies are temporary and expire once you close your browser (or once your session ends). They are strictly necessary for the navigation and the normal use of the portal including payment processing.

How do you block spam?

Our servers run various spam checking technologies on incoming emails. Initially, we spam check emails against reputable third party spam checking software houses, such as SpamHaus and SpamCop. If these databases detect known spam, the emails will not be delivered to you. If an incoming email passes through the first check but our internal systems determine the message might be spam, we will affix a small warning note at the top of the message to warn you that the message may be spam.

Do you virus check emails?

Yes, all incoming emails are virus checked before being delivered to your Inbox. You should however always download and virus scan attachments before opening them up on your computer as an extra precaution.

What personal data does AperiMail use or store?

None.

By design AperiMail does not use, collect, nor store any personally identifiable information (PII) making us perfectly GDPR compliant. We do not ask nor want your name, and we don’t need an email address or phone number.

Credit/Debit card payment processing is completely isolated and managed by Stripe. They will manage payment and recurring billing automatically. AperiMail has no access to sensitive information such as your full card number or CVV. We also offer cryptocurrency payments through Coinbase which does not reoccur.

Can you read my emails on the server?

Not a chance.

All emails are encrypted on the fly, so that at rest they are secure from exposure to anyone. We use AES-256 (256-bit Advanced Encryption Standard) encryption which is practically unbreakable by brute force based on current computing power, making it the strongest encryption standard. The symmetric encryption keys are randomly generated and protected using an Elliptic Curve provisioned private key. Encryption is done using the Integrated Encryption Scheme.

Will you access and collect my contact list?

Absolutely not.

We don’t like this. We believe this is violates your right to privacy and anonymity. We understand how other apps use this convenience to subtly increase their market penetration. To us, privacy suffers no compromises, so we will never fall into such practices.

Does AperiMail sell data?

Nope and never.

We ensure we don’t have any personally identifiable information (PII) about you so there’s nothing to sell anyway. Regardless, selling any data whatsoever fundamentally contradicts our core principles. We have zero access to your mailbox so don’t scan your inbox for clues about your interests and habits, like others do.

How do I reset my password?

There are two methods of resetting your password, each depends on the situation.

Scenario 1

You have forgotten your password and are not able to login to the portal or send and receive email. Unlike some email providers, you will not be locked out of your account forever.

From the login page, click on the Forgot You Password link

You will be redirected to the Recover Password screen.

You will need to type in your email address. The Password Reset Code was issued when you registered for your AperiMail account and were asked to keep it in a safe place. Type in your new password and repeat for confirmation. If your email address and Password Reset Code are correct then your new password should be set.

Please note that we hash all passwords and will not be able to recover your password.

Scenario 2

You have logged into the AperiMail portal and want to reset your password. From the dashboard click on Reset Password

You may be asked to confirm your current password.

Type in your password and confirm and click the reset button.

If you are successful in changing your password you will see the Success message.

 —

Once you have changed your password on the portal, please ensure that you change the password for your account on all of the email clients you have setup, including the IMAP and SMTP passwords.

Failure to update all email clients with the new password may result in your IP address being temporarily blocked by our servers as the servers may perceive this as someone unauthorized trying to access your account.

My email and password are correct, but I can't login!

There could be a number of reasons why you are not able to login:

  • Check that you have an Internet connection on your device.
  • Make sure your client is configured correctly (see Setting Up Your Email Client).
  • Make sure you are using the latest version of your email client – older versions will not work as they are not secure enough.
  • If you have made 5 failed attempts to login to your account, your IP address will be blocked. You will have to wait until the block is automatically removed.
  • If you continue to have issues logging into your account, then please click on the contact link and either fill in the contact form or start a chat conversion with us.


IMPORTANT:
 If you are setting up your account for the first time and are unable to connect to the email server, check that the client you are using is TLSv1.3 compatible. You may see SSL or TLS errors or unable to connect to server messages which will help to confirm this is the case.

We value your security and privacy and therefore it’s our policy to ensure we use the most secure version of TLS available. We have listed the email clients that we know work under the section Which email clients can I use?

Can I get live support?

All of our clients get Email and Live Chat support. We will endeavour to respond in a timely and professional manner. Some packages also have phone support; to find out if you have this, go to the Subscription Details page when you are logged into the portal.

CONTACT US

Will you comply with authorities demands to turn over my messages?

We may disclose specific regulatory information in circumstances such as when you agree to it or if the law, a court order, a legal obligation or regulatory authority ask us to. We may also disclose information for the prevention of fraud or crime or if it is necessary to protect and defend our rights, property or the personal safety of our staff, the website and its users.

GDPR Statement

GDPR requires organizations to implement technical measures to protect the personal data in their possession. We possess, use, or store none.

As for contents, we use both end-to-end encryption and zero-access encryption (encryption when data are resting on a server) to protect stored data at all times. We cannot access users’ encrypted data because we do not have access to users’ private encryption keys or passwords. These security measures guarantee that data cannot be read, even if the servers were somehow breached.

HOW-TO VIDEOS

THUNDERBIRD

CONTACT US

   Live Chat

When you need help on demand. Chat with a live agent to resolve your issue as fast as possible.
Live chat hours may vary depending on your locality.

   Email

Available to all, we’re here to help. Email us your query and we’ll respond as fast as possible.

Email support hours may vary depending on locality.

   PHONE

Priority support for select plans. Login to the portal to view your priority support phone number.

Phone support is available for Solo Max, Venture Plus, and Venture Max users.