ASTIS Mail

End-to-end encrypted email client for Gmail and Microsoft 365

ASTIS Mail is a privacy-first Progressive Web App that adds end-to-end encryption to your existing email account. All encryption and decryption happens on your device — we never see your data.

What ASTIS Mail Does

ASTIS Mail connects to your Gmail or Microsoft 365 account and encrypts your emails end-to-end using OpenPGP and AES-256-GCM.

End-to-End Encryption

Every email is encrypted with AES-256-GCM before it leaves your device. Only the intended recipient can decrypt it.

Zero Knowledge

ASTIS never has access to your email content, attachments, or encryption keys. We literally cannot read your emails.

Works Everywhere

Progressive Web App that works on desktop, tablet, and mobile. No app store download required — just open your browser.

Gmail & Microsoft 365

Connect your existing Gmail or Microsoft 365 account. ASTIS Mail works as an encryption layer on top of your current provider.

Automatic Key Management

OpenPGP keys are generated and managed automatically. Recipients are discovered via Web Key Directory (WKD) — no manual key exchange.

On-Device Storage

Decrypted emails are stored locally in your browser. Your data stays on your device, not on our servers.

How It Works

ASTIS Mail uses OAuth to connect to your email provider and encrypts everything client-side.

1. Connect Your Email

Sign in with your Gmail or Microsoft 365 account using OAuth. ASTIS Mail gets permission to read and send emails on your behalf.

2. Encryption Keys Generated

An OpenPGP key pair is created on your device. Your public key is published to ASTIS WKD so others can find you.

3. Send Encrypted Emails

When you compose an email, ASTIS Mail encrypts it client-side with AES-256-GCM. The encrypted session key capsule is stored on ASTIS infrastructure.

4. Recipient Decrypts

The recipient's ASTIS client retrieves the session key capsule, decrypts it with their private key, and decrypts the email — all on their device.
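Step 2 publishes the public key to a Web Key Directory, and senders find it by deriving a lookup URL from the recipient address. The sketch below is an added example, not ASTIS code: it follows the standard WKD URL scheme (SHA-1 of the lowercased local part, z-base-32 encoded), uses the sample address from the WKD draft, and assumes nothing about how ASTIS hosts its own directory, which the page does not describe.

```python
import hashlib
from urllib.parse import quote

# z-base-32 alphabet that WKD uses to encode the hashed local part.
ZBASE32 = "ybndrfg8ejkmcpqxot1uwisza345h769"


def zbase32(data: bytes) -> str:
    """Encode bytes as z-base-32: 5 bits per character, most significant first."""
    bits = "".join(f"{byte:08b}" for byte in data)
    bits += "0" * (-len(bits) % 5)  # pad the final group with zero bits
    return "".join(ZBASE32[int(bits[i:i + 5], 2)] for i in range(0, len(bits), 5))


def wkd_urls(address: str) -> dict:
    """Return the advanced and direct WKD lookup URLs for an email address."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an email address: {address!r}")
    domain = domain.lower()
    # Only ASCII letters are lowercased before hashing; bytes.lower() does that.
    hashed = zbase32(hashlib.sha1(local.encode("utf-8").lower()).digest())
    # The l= parameter carries the local part unchanged, percent-encoded.
    query = "?l=" + quote(local, safe="")
    return {
        "advanced": f"https://openpgpkey.{domain}/.well-known/openpgpkey/{domain}/hu/{hashed}{query}",
        "direct": f"https://{domain}/.well-known/openpgpkey/hu/{hashed}{query}",
    }


if __name__ == "__main__":
    # Sample address from the WKD draft, not an ASTIS account.
    for method, url in wkd_urls("Joe.Doe@Example.ORG").items():
        print(method, url)
```

SHA-1 serves here only to name the directory entry; the trust in a discovered key comes from fetching it over HTTPS from the address's own domain, so a client should discard any returned key whose User ID does not match the address it queried.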

Data & Permissions

ASTIS Mail requests the minimum OAuth permissions needed to function. Here is exactly what we access and why.

Permission | Why we need it
Read emails | To display your inbox and decrypt incoming encrypted emails.
Send emails | To send encrypted emails on your behalf through your email provider.
Manage labels/folders | To organize emails and sync folder structure with your provider.
Calendar (read/write) | To display, create, and manage encrypted calendar events via your email provider.
Contacts (read) | To look up recipients and display your organization's Global Address List.
User profile (email, name) | To identify your account and generate your encryption key pair.

What we do NOT access

ASTIS never stores, processes, or has access to your email content on our servers. All email data is processed exclusively on your device. We do not sell, share, or use your data for advertising. See our Privacy Policy for full details.

More Features

Beyond encrypted email — ASTIS Mail includes tools for enterprise teams and power users.

Message TTL & Expiry

Set time-to-live on encrypted emails. Session key capsules expire automatically — expired emails cannot be decrypted.

Encrypted Attachments

Attachments are encrypted alongside the email body with the same AES-256-GCM encryption.

Real-Time Sync

Changes sync in real-time across all your devices via your email provider.

Enterprise Ready

Organization key management, BYOK/HYOK support, audit logging, and compliance controls for business teams.

Encrypted Calendar

Built-in calendar with end-to-end encrypted events, integrated with Microsoft 365 calendar.

Contacts & GAL

Encrypted contact management with Global Address List support for organizations.

Supported Platforms

Gmail

Google Workspace and personal Gmail accounts via OAuth 2.0

Microsoft 365

Outlook, Exchange Online, and Microsoft 365 accounts via OAuth 2.0

Security at a Glance

AES-256-GCM content encryption
OpenPGP session key wrapping (RFC 4880)
Client-side encryption — server never sees plaintext
Web Key Directory (WKD) for automatic key discovery
Session key capsules with TTL and expiry
On-device key generation and storage
OAuth 2.0 for email provider authentication
No email content stored on ASTIS servers

Ready to encrypt your email?

Connect your Gmail or Microsoft 365 account and start sending encrypted emails today.