EviCypher Webmail & Cloud

#0 / 0 rate

EviCypher Webmail & Cloud

29 users

2021-10-19

https://freemindtronic...

support@freemindtronic...

Extension Information

5 star
0%
4 star
0%
3 star
0%
2 star
0%
1 star
0%

Supported Languages

Permissions

Description

Contactless encryption of instant messaging, email and social networks via Freemindtronic's EviCypher NFC device technology

To fully take advantage of the end-to-end security extension's features using an NFC device, including automatic authentication filling (username and password), encryption of webmail (Gmail, Roundcube) and web instant messaging (WhatsApp), as well as file encryption usable for attachments, and automatic encryption of communication protocols between the Android NFC phone with the Freemindtronic application and the computer, you need to have a contactless hardware security module (NFC HSM) from Freemindtronic. This is a hardware password manager and an AES-256 encryption key manager.

However, the extension has free features that work without an NFC HSM device, such as a potential security risk detector on an iframe redirection element displayed in the website content.

This allows you to easily manage the trustworthiness of this site before entering sensitive information such as passwords, email addresses, or credit card information. This extension has an IRDR (Iframe Redirect Detection and Removal). It is an effective solution to counter attacks such as BITB (Browser in the Browser) that use iframes to redirect you to fake pages.

To use the free Iframe Redirect Detection and Removal (IRDR) feature of the EviCypher extension, you need:

A Chromium-based web browser for your computer, such as Chrome.
Enable the BITB (Browser-in-the-Browser) function.
A window appears as soon as the iframe redirection is detected. You have four options:

A button (close warning) to close the iframe.
A button (never show warning on this site) so that this IRDR window is no longer displayed for this URL you consider trustworthy. It will be saved in the browser.
A button (Destroy) to remove the iframe linked to the redirected link displayed in the URL window: https://...
A button (Clean Storage) to remove trusted URLs saved in the browser via IRDR.
A button (Learn More) that redirects you to the BITB page on the Freemindtronic website.
To use the webmail encryption extension, you need the following items:

The Chromium-based browser extension, such as Chrome.
An NFC device with EviCypher technology.
The Freemindtronic Android application installed on an NFC-compatible phone.
The EviDNS ZeroConf software installed on your computer.
Additionally, EviCypher Webmail is also compatible with the EviPass NFC HSM technology embedded in the Freemindtronic Android NFC application. This allows for auto-login or auto-filling of identification fields for an online or offline account via a web browser from an NFC HSM with password manager functionality. This is done contactlessly. You simply click on an icon that appears in the field. A connection request is sent to the phone paired with the EviCypher extension. The user then passes their NFC HSM under the NFC phone’s antenna, and the connection is automatically and securely made with anti-phishing sandbox URL, typosquatting, and BITB protections.

After the contactless pairing of the device with the NFC phone, and then the NFC phone with the web browser extension, an end-to-end encrypted communication tunnel is established between the devices. After this last step, everything is automatic.
The EviDNS ZeroConf software is developed by Freemindtronic. It allows you to quickly find terminals such as phones connected on the same local network without a server or database. It collects the IP address and port number of paired phones to inform the EviCypher Webmail extension.

How does it work?

The extension automatically adds buttons for contactless encryption and decryption using a Freemindtronic NFC HSM device. The extension is compatible with email client services such as Gmail and RoundCube, as well as web instant messaging services such as WhatsApp.

End-to-end encryption from human to human!

Indeed, emails always remain encrypted on the computer, phone, or email server, even when displayed on a screen.

To access plain text emails, the user must have an NFC device and the appropriate key for encryption and decryption. If necessary, they must also validate the trust criteria associated with the key. Thus, only the person holding the device can encrypt and decrypt emails.
Advantageously, even if the email service is compromised, the email remains always encrypted, whether it is received, sent, or awaiting final deletion.

Decryption is done on demand, temporarily, in the volatile memory of the computer or phone. Thus, the plain text message is never stored, as it is automatically deleted after reading.

The extension version history is available at the following link:
https://freemindtronic.com/version-history-of-software-freemindtronic-andorra/