Across the web, thousands of different platforms and web services have gradually eased their usability and increased their functionality through APIs. An API is a “bridging” tool that helps two different services talk to each other. One service can consume the functionality that is provided by another service. We will walk you through just how Mailvelope’s email encryption works with Google’s Gmail API.
Google provides the Gmail API to other applications and services and grants them access to Gmail’s functionality. That means that besides the Gmail webmail experience or the Gmail app on mobile, third party providers can build their own applications to send and receive emails with the Gmail service. Applications can range from apps, web applications and browser extensions like Mailvelope. As a browser extension that integrates seamlessly with your Gmail, Mailvelope is not a standalone email client. Nevertheless, access to the Gmail API makes our integration easier and helps us to add extra layers of security on top of your Gmail without sacrificing usability.
One of the extras we gain with the API is PGP/MIME support in Gmail. PGP/MIME defines a standard that describes how to encrypt and sign an email with attachments in one structure. This is a widely used format that PGP applications need to support for compatibility. Mailvelope requires the Gmail API to access the raw data of PGP/MIME messages. Also, sending emails with attachments is simplified with the Gmail API. Files can be added to the Mailvelope editor and Mailvelope will send out these emails (via the API) with one click.
The optimizations of the Mailvelope integration into Gmail does not stop here. We have added new controls to Gmail that enhance the processing of encrypted emails. We have placed a new Mailvelope button next to the Gmail compose button. Here, you can directly open the Mailvelope editor and start writing a secure email.
By default, when you install Mailvelope, the Gmail API integration is already active and you’ll see the Mailvelope button next to “Compose”. But you need to first allow Mailvelope to access the Gmail API. The Gmail API is accessed/triggered when you click on the Mailvelope button or an encrypted message. Mailvelope will then ask you to sign in with Google and open an authorization pop-up that asks you to grant Mailvelope access.
Mailvelope requires these permissions to send and read encrypted emails using your Gmail account. You can read more about that in our FAQ: Google requests additional permissions for the Gmail API integration of Mailvelope. What are they necessary for and how does Mailvelope handle my data? The Gmail API is not mandatory in Mailvelope. We support many mail providers without API integration (e.g. Yahoo, Outlook.com), so the same goes for Gmail.
In the following screen in the Mailvelope settings, the Gmail API can be deactivated.
Mailvelope then switches back to a simpler form of integration with fewer features and more manual steps required to support scenarios like encrypted email attachments.
With the release of the Gmail API support in Mailvelope, we also launched a subscription service "Mailvelope Business" that IS built for organizations that use Google Workspace and offers premium support and other new features. For Mailvelope - Community users the Gmail API access in Mailvelope will remain free.
We cover the details of the Mailvelope - Business package in the next post.